Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1504861
MD5:9174e680d1b0ea8cdb3ee932ec2dfc6f
SHA1:49ba7df579d1b30e9c4474ba6733748614ab5c68
SHA256:136d5473ded4b9a2bef3ef6160a377c0965b4e7292fb81980219ef8cc7d96cfd
Tags:exe
Infos:

Detection

Score:64
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample file is different than original file name gathered from version info
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 6500 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 9174E680D1B0EA8CDB3EE932EC2DFC6F)
    • msedge.exe (PID: 1352 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 5616 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2056,i,6247163367441240488,2576398707470590896,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • firefox.exe (PID: 5608 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 3228 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 1816 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 3652 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2248 -parentBuildID 20230927232528 -prefsHandle 2196 -prefMapHandle 2188 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccf95cfb-f749-4af2-904e-7994877402df} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2408cb6db10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1984 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -prefsHandle 4340 -prefMapHandle 4336 -prefsLen 26273 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f8d3111-a88f-4b01-91e4-af2e9be1c464} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2409f819410 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • msedge.exe (PID: 5948 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7188 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2688 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 4676 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6532 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8204 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6736 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8832 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=8500 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7904 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=8648 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8788 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=price_comparison_service.mojom.DataProcessor --lang=en-GB --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=8496 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 5796 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=8780 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: file.exeReversingLabs: Detection: 26%
AI detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
Machine Learning detection for sample
Source: file.exeJoe Sandbox ML: detected
Source: file.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknownHTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49775 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49789 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.5:49791 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49794 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49795 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49796 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49799 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49801 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49802 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49803 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49804 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49805 version: TLS 1.2
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BEDBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_00BEDBBE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BBC2A2 FindFirstFileExW,0_2_00BBC2A2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF68EE FindFirstFileW,FindClose,0_2_00BF68EE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_00BF698F
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_00BED076
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_00BED3A9
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00BF9642
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00BF979D
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00BF9B2B
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00BF5C97
Source: firefox.exeMemory has grown: Private usage: 0MB later: 96MB
Source: Joe Sandbox ViewIP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox ViewIP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox ViewIP Address: 23.55.235.170 23.55.235.170
Source: Joe Sandbox ViewIP Address: 152.195.19.97 152.195.19.97
Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.31.69
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.65.174
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.174
Source: unknownTCP traffic detected without corresponding DNS query: 2.18.97.153
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BFCE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_00BFCE44
Source: global trafficHTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=403473328&timestamp=1725539476166 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ProductCategoriesSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1726144273&P2=404&P3=2&P4=gRzw0TlO28v3xn3M7ZJhhK0eBAMU0JhFJIg7WN8JZ5MTymrQli7NI%2bsdHZx608dhOnKfPCyJKrT9LBIEthiwCg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 3Al34tMPCy06pq6FBnsh7ySec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter)
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube)
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: 000003.log7.8.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log7.8.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log7.8.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
Source: firefox.exe, 00000005.00000003.2479963202.000002409DDFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2249500185.000002409B379000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
Source: firefox.exe, 00000005.00000003.2249500185.000002409B379000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
Source: firefox.exe, 00000005.00000003.2479963202.000002409DDFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.drString found in binary or memory: {"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605070894581","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073479700","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073618754","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://fonts.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13370106673646437","port":443,"protocol_str":"quic"}],"anonymization":["FAAAABAAAABodHRwczovL2JpbmcuY29t",false],"server":"https://www.bing.com"},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605076960847","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",true],"server":"https://accounts.youtube.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605078686234","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://www.google.com"},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edge.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605077598366","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":233391},"server":"https://www.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605107405812","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":335461},"server":"https://play.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605079237187","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"network_stats":{"srtt":226681},"server":"https://accounts.google.com"}],"supports_quic":{"address":"192.168.2.5","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}} equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: example.org
Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: firefox.exe, 00000005.00000003.2248120040.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492675453.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000002.3337640147.000002408CB6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: firefox.exe, 00000005.00000003.2475949403.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951259551.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531288077.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788464539.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org
Source: firefox.exe, 00000005.00000003.2475949403.000002409CB98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-aarch64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zi
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-arm-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86_64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-linux32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2.zip
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492124474.000002409D809000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2533493611.000002409DE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zipjar:file:
Source: firefox.exe, 00000005.00000003.2488213495.000002409FF44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787269307.000002409F8B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2489090234.000002409F8B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 00000005.00000003.2477447202.000002409D936000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.orgP
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2487525846.000002409FFCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250781570.000002409FF9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789413242.00000240993E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
Source: firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
Source: firefox.exe, 00000005.00000003.2292775986.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.0000024099181000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-timesP5
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
Source: firefox.exe, 00000005.00000003.2292775986.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.0000024099181000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions
Source: firefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/stringsp
Source: firefox.exe, 00000005.00000003.2890963956.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154354366.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248471810.000002409CD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449486106.000002409CE34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2242829106.00000240A006B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2268359542.000002430003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2900039604.000002409D5F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2890963956.000002409D5B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531288077.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2901995722.000002409D037000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788464539.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2196890631.000002409FFCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2896735245.000002409D5B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247475792.000002409D940000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2235417964.000002409D5DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154151308.000002409D5F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ocsp.digicert.com0C
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ocsp.digicert.com0N
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ocsp.thawte.com0
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
Source: firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: http://www.mozilla.com0
Source: firefox.exe, 00000005.00000003.2762430803.000002409CD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247970283.000002409D884000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2477447202.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531522407.000002409D90B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
Source: firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
Source: firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
Source: firefox.exe, 00000005.00000003.2243342334.000002409F986000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F986000.00000004.00000800.00020000.00000000.sdmp, Session_13370013070951362.8.drString found in binary or memory: https://accounts.google.com
Source: MediaDeviceSalts.8.dr, Session_13370013070951362.8.dr, 000003.log2.8.drString found in binary or memory: https://accounts.google.com/
Source: MediaDeviceSalts.8.drString found in binary or memory: https://accounts.google.com//
Source: Favicons.8.dr, History.8.drString found in binary or memory: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/v3/signin/challeng
Source: firefox.exe, 00000012.00000002.3327312863.00000184435CA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/Service
Source: firefox.exe, 00000012.00000002.3328196717.0000018443840000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.goog
Source: Favicons.8.dr, History.8.dr, Session_13370013070951362.8.drString found in binary or memory: https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.co
Source: Favicons.8.drString found in binary or memory: https://accounts.google.com/favicon.ico
Source: file.exe, 00000000.00000002.2069066022.0000000000E79000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068346178.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2068346178.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2069001048.0000000000E40000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2069001048.0000000000E32000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000003.2071605740.0000017EB96F7000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000003.2070566137.0000017EB96ED000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000003.00000002.2073373514.0000017EB96F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
Source: firefox.exe, 00000005.00000003.2113337915.000002408F6D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_STRINGS_OVERRIDE=C:
Source: Favicons.8.dr, History.8.dr, Session_13370013070951362.8.dr, WebAssistDatabase.8.drString found in binary or memory: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Faccounts.google.com%2Fv3%2Fs
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2483017787.0000024099D67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
Source: firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
Source: firefox.exe, 00000005.00000003.2475478733.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532492262.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493073495.000002409CBEA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release/Win
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
Source: firefox.exe, 00000005.00000003.2475478733.000002409CBEA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493073495.000002409CBEA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/re
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://bard.google.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
Source: firefox.exe, 00000005.00000003.2243307554.000002409FBCA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
Source: Reporting and NEL.9.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: manifest.json.8.drString found in binary or memory: https://chrome.google.com/webstore/
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr, ba8bc3a4-eb42-4a35-89fc-96395d696325.tmp.9.drString found in binary or memory: https://clients2.google.com
Source: manifest.json0.8.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.dr, ba8bc3a4-eb42-4a35-89fc-96395d696325.tmp.9.drString found in binary or memory: https://clients2.googleusercontent.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000002.3337640147.000002408CB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
Source: Reporting and NEL.9.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/AccountsSignInUi
Source: Reporting and NEL.9.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: Reporting and NEL.9.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers
Source: Reporting and NEL.9.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/static-on-bigtable
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTab
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0ABD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCapture
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryption
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsing
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
Source: manifest.json0.8.drString found in binary or memory: https://docs.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json0.8.drString found in binary or memory: https://drive.google.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252948556.000002409DD1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2479963202.000002409DD19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244571984.000002409DD19000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
Source: 000003.log7.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log7.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log7.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log6.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log7.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.dr, HubApps Icons.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 000003.log7.8.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/
Source: firefox.exe, 00000005.00000003.2289194503.00000240A0AB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
Source: firefox.exe, 00000005.00000003.2196890631.000002409FFE1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2487525846.000002409FFE1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250781570.000002409FFE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
Source: firefox.exe, 00000005.00000003.2953161333.000002409916C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.000002409916C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expe
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.drString found in binary or memory: https://fonts.gstatic.com
Source: firefox.exe, 00000005.00000003.2249337998.000002409B3DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.comP4
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://gaana.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
Source: firefox.exe, 00000005.00000003.2243688333.000002409F947000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com
Source: firefox.exe, 00000005.00000003.2243342334.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2488470417.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
Source: firefox.exe, 00000005.00000003.2243342334.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2223393926.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2488470417.000002409F9BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/PCi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
Source: firefox.exe, 00000005.00000002.3337640147.000002408CB0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
Source: firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
Source: firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/3c7034d6-bc52-43bb-9a23-5da34ee205e0/health/
Source: firefox.exe, 00000005.00000003.2768818965.000002409D90B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788709822.000002409D90B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/49409584-9cbe-40a8-9057-948720249a2c/health/
Source: firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/telemetry/a83301c6-790b-49f3-adc7-55a855f7fe79/main/Fi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
Source: firefox.exe, 00000005.00000003.2768928876.000002409B3DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449980527.00000240993F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.comZ
Source: firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://m.kugou.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://m.soundcloud.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://m.vk.com/
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: firefox.exe, 00000012.00000002.3329957378.0000018443999000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://music.amazon.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://music.apple.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://music.yandex.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://open.spotify.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.live.com/mail/0/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.office.com/mail/0/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
Source: firefox.exe, 00000005.00000003.2448411394.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2237059722.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248605595.000002409CBE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2448019818.000002409D37F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2898806395.000002409D377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2814549647.000002409D377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906846651.000002409D936000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com
Source: firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-arm64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-arm64.zip
Source: firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x64.zip
Source: firefox.exe, 00000005.00000003.2482020426.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2493584941.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482073044.000002409B3F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788828406.000002409B3F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788868182.000002409B3ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768928876.000002409B3ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
Source: firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
Source: firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
Source: firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
Source: firefox.exe, 00000005.00000003.2450075349.000002409DE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
Source: firefox.exe, 00000005.00000003.2450075349.000002409DE33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%file:///C:/Program
Source: firefox.exe, 00000005.00000003.2531900347.0000024099DC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482329845.0000024099DC5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
Source: firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
Source: firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
Source: firefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
Source: firefox.exe, 00000005.00000003.2767901965.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2474871935.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2169985603.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243307554.000002409FBCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2787062774.000002409FBCA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
Source: firefox.exe, 00000005.00000003.2532492262.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2906809192.000002409D9C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492675453.000002409CEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492124474.000002409D809000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windows
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://tidal.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
Source: firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
Source: firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248750417.000002409CB78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://twitter.com/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://vibe.naver.com/today
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
Source: firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://web.telegram.org/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://web.whatsapp.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
Source: firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.deezer.com/
Source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drString found in binary or memory: https://www.digicert.com/CPS0
Source: content_new.js.8.dr, content.js.8.drString found in binary or memory: https://www.google.com/chrome
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
Source: firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
Source: 14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp.9.drString found in binary or memory: https://www.googleapis.com
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.iheart.com/podcast/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.instagram.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.last.fm/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.messenger.com
Source: firefox.exe, 00000005.00000002.3327280611.000000A80677C000.00000004.00000010.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
Source: firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
Source: firefox.exe, 00000005.00000003.2292775986.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3329957378.0000018443999000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
Source: firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 00000005.00000003.2292775986.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.000002409915F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/J
Source: firefox.exe, 00000005.00000002.3327280611.000000A80677C000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.orgo
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247820800.000002409D9A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.comZ
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.office.com
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: firefox.exe, 00000005.00000003.2789413242.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952549951.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532628861.00000240993D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292130151.00000240993D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
Source: firefox.exe, 00000005.00000003.2476182627.000002409CB4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2951636377.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2291354489.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788760828.000002409CB7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481620846.000002409CB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248750417.000002409CB78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.tiktok.com/
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tsn.ca
Source: firefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tsn.caZ
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://www.youtube.com
Source: firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
Source: firefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
Source: 31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drString found in binary or memory: https://y.music.163.com/m/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownHTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.31.69:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49775 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49789 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49788 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.5:49791 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49794 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49795 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49796 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49799 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49801 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49802 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49803 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49804 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49805 version: TLS 1.2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BFEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_00BFEAFF
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BFED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_00BFED6A
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BFEAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_00BFEAFF
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BEAA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_00BEAA57
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C19576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_00C19576

System Summary

barindex
Binary is likely a compiled AutoIt script file
Source: file.exeString found in binary or memory: This is a third-party compiled AutoIt script.
Source: file.exe, 00000000.00000000.2062977270.0000000000C42000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_36611872-e
Source: file.exe, 00000000.00000000.2062977270.0000000000C42000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_f05053d5-5
Source: file.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_f2b1b16b-2
Source: file.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_6ecd0c0d-9
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F68FF7 NtQuerySystemInformation,18_2_0000018443F68FF7
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F8A1F2 NtQuerySystemInformation,18_2_0000018443F8A1F2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_00BED5EB
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE1201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00BE1201
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BEE8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_00BEE8F6
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B880600_2_00B88060
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF20460_2_00BF2046
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE82980_2_00BE8298
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BBE4FF0_2_00BBE4FF
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BB676B0_2_00BB676B
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C148730_2_00C14873
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BACAA00_2_00BACAA0
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B8CAF00_2_00B8CAF0
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B9CC390_2_00B9CC39
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BB6DD90_2_00BB6DD9
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B891C00_2_00B891C0
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B9B1190_2_00B9B119
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA13940_2_00BA1394
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA17060_2_00BA1706
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA781B0_2_00BA781B
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA19B00_2_00BA19B0
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B879200_2_00B87920
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B9997D0_2_00B9997D
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA7A4A0_2_00BA7A4A
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA7CA70_2_00BA7CA7
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA1C770_2_00BA1C77
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BB9EEE0_2_00BB9EEE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C0BE440_2_00C0BE44
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA1F320_2_00BA1F32
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F68FF718_2_0000018443F68FF7
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F8A1F218_2_0000018443F8A1F2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F8A91C18_2_0000018443F8A91C
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F8A23218_2_0000018443F8A232
Source: C:\Users\user\Desktop\file.exeCode function: String function: 00B9F9F2 appears 40 times
Source: C:\Users\user\Desktop\file.exeCode function: String function: 00B89CB3 appears 31 times
Source: C:\Users\user\Desktop\file.exeCode function: String function: 00BA0A30 appears 46 times
Source: file.exe, 00000000.00000003.2068346178.0000000000E32000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs file.exe
Source: file.exe, 00000000.00000002.2069001048.0000000000E32000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs file.exe
Source: file.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: classification engineClassification label: mal64.evad.winEXE@71/277@34/22
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF37B5 GetLastError,FormatMessageW,0_2_00BF37B5
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE10BF AdjustTokenPrivileges,CloseHandle,0_2_00BE10BF
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE16C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_00BE16C3
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF51CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_00BF51CD
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,FindCloseChangeNotification,0_2_00BED4DC
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_00BF648E
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B842A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_00B842A2
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\75c9fa31-5b4a-45e3-a4e6-677e095abe56.tmpJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
Source: file.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: file.exeReversingLabs: Detection: 26%
Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd --attempting-deelevation
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2056,i,6247163367441240488,2576398707470590896,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2688 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:3
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2248 -parentBuildID 20230927232528 -prefsHandle 2196 -prefMapHandle 2188 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccf95cfb-f749-4af2-904e-7994877402df} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2408cb6db10 socket
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6532 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6736 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -prefsHandle 4340 -prefMapHandle 4336 -prefsLen 26273 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f8d3111-a88f-4b01-91e4-af2e9be1c464} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2409f819410 rdd
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=8500 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=8648 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=price_comparison_service.mojom.DataProcessor --lang=en-GB --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=8496 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=8780 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwdJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwdJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2056,i,6247163367441240488,2576398707470590896,262144 /prefetch:3Jump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwdJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2248 -parentBuildID 20230927232528 -prefsHandle 2196 -prefMapHandle 2188 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccf95cfb-f749-4af2-904e-7994877402df} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2408cb6db10 socketJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -prefsHandle 4340 -prefMapHandle 4336 -prefsLen 26273 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f8d3111-a88f-4b01-91e4-af2e9be1c464} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2409f819410 rddJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2688 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6532 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6736 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=8500 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=8648 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=price_comparison_service.mojom.DataProcessor --lang=en-GB --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=8496 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=8780 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.dr
Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: file.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B842DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_00B842DE
Source: gmpopenh264.dll.tmp.5.drStatic PE information: section name: .rodata
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA0A76 push ecx; ret 0_2_00BA0A89
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B9F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_00B9F98E
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C11C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_00C11C41
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Malware Analysis System Evasion

barindex
Found API chain indicative of sandbox detection
Source: C:\Users\user\Desktop\file.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-97979
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F68FF7 rdtsc 18_2_0000018443F68FF7
Source: C:\Users\user\Desktop\file.exeAPI coverage: 3.2 %
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BEDBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_00BEDBBE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BBC2A2 FindFirstFileExW,0_2_00BBC2A2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF68EE FindFirstFileW,FindClose,0_2_00BF68EE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_00BF698F
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_00BED076
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BED3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_00BED3A9
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF9642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00BF9642
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00BF979D
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF9B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00BF9B2B
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF5C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00BF5C97
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B842DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_00B842DE
Source: firefox.exe, 00000005.00000003.2113337915.000002408F694000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2101863521.000002408F694000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW@>n
Source: firefox.exe, 0000000B.00000002.3328028461.000002071B0DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW6
Source: Web Data.8.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
Source: firefox.exe, 00000012.00000002.3333208395.0000018443E60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllM
Source: Web Data.8.drBinary or memory string: discord.comVMware20,11696428655f
Source: Web Data.8.drBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
Source: Web Data.8.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
Source: Web Data.8.drBinary or memory string: global block list test formVMware20,11696428655
Source: Web Data.8.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
Source: firefox.exe, 00000005.00000003.2113337915.000002408F6D6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3328028461.000002071B0DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3327312863.00000184435CA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3333208395.0000018443E60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: firefox.exe, 00000005.00000003.2292130151.00000240993C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789413242.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532628861.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952549951.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3334732388.000002071B517000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
Source: Web Data.8.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
Source: Web Data.8.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
Source: Web Data.8.drBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
Source: firefox.exe, 00000005.00000003.3206806067.00002E4BBD640000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware Virtual disk
Source: Web Data.8.drBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
Source: Web Data.8.drBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
Source: firefox.exe, 00000012.00000002.3333208395.0000018443E60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dlla
Source: Web Data.8.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
Source: Web Data.8.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
Source: Web Data.8.drBinary or memory string: outlook.office365.comVMware20,11696428655t
Source: Web Data.8.drBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
Source: firefox.exe, 0000000B.00000002.3335816849.000002071B600000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3333208395.0000018443E60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: Web Data.8.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
Source: Web Data.8.drBinary or memory string: outlook.office.comVMware20,11696428655s
Source: Web Data.8.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
Source: Web Data.8.drBinary or memory string: ms.portal.azure.comVMware20,11696428655
Source: Web Data.8.drBinary or memory string: AMC password management pageVMware20,11696428655
Source: Web Data.8.drBinary or memory string: tasks.office.comVMware20,11696428655o
Source: Web Data.8.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
Source: Web Data.8.drBinary or memory string: turbotax.intuit.comVMware20,11696428655t
Source: Web Data.8.drBinary or memory string: interactivebrokers.comVMware20,11696428655
Source: Web Data.8.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
Source: firefox.exe, 00000012.00000002.3333208395.0000018443E60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll0
Source: Web Data.8.drBinary or memory string: dev.azure.comVMware20,11696428655j
Source: Web Data.8.drBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
Source: Web Data.8.drBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
Source: Web Data.8.drBinary or memory string: bankofamerica.comVMware20,11696428655x
Source: Web Data.8.drBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
Source: firefox.exe, 0000000B.00000002.3335816849.000002071B600000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllD
Source: Web Data.8.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 18_2_0000018443F68FF7 rdtsc 18_2_0000018443F68FF7
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BFEAA2 BlockInput,0_2_00BFEAA2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BB2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00BB2622
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B842DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_00B842DE
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA4CE8 mov eax, dword ptr fs:[00000030h]0_2_00BA4CE8
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE0B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00BE0B62
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BB2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00BB2622
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00BA083F
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA09D5 SetUnhandledExceptionFilter,0_2_00BA09D5
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA0C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00BA0C21
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE1201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00BE1201
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BC2BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00BC2BA5
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BEB226 SendInput,keybd_event,0_2_00BEB226
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C022DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_00C022DA
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwdJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwdJump to behavior
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE0B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00BE0B62
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BE1663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00BE1663
Source: file.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
Source: file.exeBinary or memory string: Shell_TrayWnd
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BA0698 cpuid 0_2_00BA0698
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BF8195 GetLocalTime,SystemTimeToFileTime,LocalFileTimeToFileTime,GetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,0_2_00BF8195
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BDD27A GetUserNameW,0_2_00BDD27A
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00BBB952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_00BBB952
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B842DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_00B842DE
Source: file.exeBinary or memory string: WIN_81
Source: file.exeBinary or memory string: WIN_XP
Source: file.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
Source: file.exeBinary or memory string: WIN_XPe
Source: file.exeBinary or memory string: WIN_VISTA
Source: file.exeBinary or memory string: WIN_7
Source: file.exeBinary or memory string: WIN_8
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C01204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00C01204
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00C01806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00C01806

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure2
Valid Accounts		1
Native API		1
DLL Side-Loading		1
Exploitation for Privilege Escalation		1
Disable or Modify Tools		21
Input Capture		2
System Time Discovery		Remote Services1
Archive Collected Data		2
Ingress Tool Transfer		Exfiltration Over Other Network Medium1
System Shutdown/Reboot
CredentialsDomainsDefault AccountsScheduled Task/Job2
Valid Accounts		1
DLL Side-Loading		1
Deobfuscate/Decode Files or Information		LSASS Memory1
Account Discovery		Remote Desktop Protocol21
Input Capture		11
Encrypted Channel		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		2
Obfuscated Files or Information		Security Account Manager2
File and Directory Discovery		SMB/Windows Admin Shares3
Clipboard Data		3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
Valid Accounts		1
DLL Side-Loading		NTDS15
System Information Discovery		Distributed Component Object ModelInput Capture4
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
Access Token Manipulation		1
Extra Window Memory Injection		LSA Secrets131
Security Software Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts12
Process Injection		1
Masquerading		Cached Domain Credentials1
Virtualization/Sandbox Evasion		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
Valid Accounts		DCSync3
Process Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
Virtualization/Sandbox Evasion		Proc Filesystem1
Application Window Discovery		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
Access Token Manipulation		/etc/passwd and /etc/shadow1
System Owner/User Discovery		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron12
Process Injection		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1504861 Sample: file.exe Startdate: 05/09/2024 Architecture: WINDOWS Score: 64 42 telemetry-incoming.r53-2.services.mozilla.com 2->42 44 sni1gl.wpc.nucdn.net 2->44 46 14 other IPs or domains 2->46 66 Multi AV Scanner detection for submitted file 2->66 68 Binary is likely a compiled AutoIt script file 2->68 70 Machine Learning detection for sample 2->70 72 AI detected suspicious sample 2->72 8 file.exe 1 2->8         started        11 msedge.exe 103 407 2->11         started        14 firefox.exe 1 2->14         started        signatures3 process4 dnsIp5 74 Binary is likely a compiled AutoIt script file 8->74 76 Found API chain indicative of sandbox detection 8->76 16 msedge.exe 10 8->16         started        18 firefox.exe 1 8->18         started        60 192.168.2.5, 443, 49362, 49616 unknown unknown 11->60 62 192.168.2.6 unknown unknown 11->62 64 239.255.255.250 unknown Reserved 11->64 20 msedge.exe 11->20         started        23 msedge.exe 11->23         started        25 msedge.exe 11->25         started        30 4 other processes 11->30 27 firefox.exe 3 94 14->27         started        signatures6 process7 dnsIp8 32 msedge.exe 16->32         started        48 13.107.246.40, 443, 49747, 49748 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 20->48 50 ssl.bingadsedgeextension-prod-europe.azurewebsites.net 94.245.104.56, 443, 49714 MICROSOFT-CORP-MSN-AS-BLOCKUS United Kingdom 20->50 56 14 other IPs or domains 20->56 52 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49745, 49756, 49792 GOOGLEUS United States 27->52 54 telemetry-incoming.r53-2.services.mozilla.com 34.120.208.123, 443, 49801, 49802 GOOGLEUS United States 27->54 58 5 other IPs or domains 27->58 38 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 27->38 dropped 40 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 27->40 dropped 34 firefox.exe 27->34         started        36 firefox.exe 27->36         started        file9 process10

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
file.exe26%ReversingLabs
file.exe100%Joe Sandbox ML

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e40%URL Reputationsafe
https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l0%URL Reputationsafe
http://detectportal.firefox.com/0%URL Reputationsafe
https://services.addons.mozilla.org0%URL Reputationsafe
https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%0%URL Reputationsafe
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.0%URL Reputationsafe
https://merino.services.mozilla.com/api/v1/suggest0%URL Reputationsafe
https://csp.withgoogle.com/csp/report-to/apps-themes0%URL Reputationsafe
https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect0%URL Reputationsafe
https://spocs.getpocket.com/spocs0%URL Reputationsafe
https://screenshots.firefox.com0%URL Reputationsafe
https://completion.amazon.com/search/complete?q=0%URL Reputationsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report0%URL Reputationsafe
https://ads.stickyadstv.com/firefox-etp0%URL Reputationsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab0%URL Reputationsafe
https://monitor.firefox.com/breach-details/0%URL Reputationsafe
https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM0%URL Reputationsafe
https://xhr.spec.whatwg.org/#sync-warning0%URL Reputationsafe
https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-0%Avira URL Cloudsafe
https://profiler.firefox.com/0%URL Reputationsafe
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge0%URL Reputationsafe
https://www.youtube.com0%Avira URL Cloudsafe
http://www.mozilla.com00%Avira URL Cloudsafe
https://www.msn.comZ0%Avira URL Cloudsafe
https://docs.google.com/0%Avira URL Cloudsafe
https://services.addons.mozilla.org/api/v4/addons/addon/0%URL Reputationsafe
https://tracking-protection-issues.herokuapp.com/new0%URL Reputationsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report0%URL Reputationsafe
https://www.instagram.com0%Avira URL Cloudsafe
https://i.y.qq.com/n2/m/index.html0%URL Reputationsafe
https://www.deezer.com/0%URL Reputationsafe
https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsing0%URL Reputationsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report0%URL Reputationsafe
https://api.accounts.firefox.com/v10%URL Reputationsafe
https://www.amazon.com/exec/obidos/external-search/0%Avira URL Cloudsafe
https://drive-daily-2.corp.google.com/0%URL Reputationsafe
https://www.msn.com0%Avira URL Cloudsafe
https://fpn.firefox.com0%URL Reputationsafe
https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc0%URL Reputationsafe
https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections0%URL Reputationsafe
https://outlook.office.com/mail/compose?isExtension=true0%Avira URL Cloudsafe
https://drive-daily-1.corp.google.com/0%URL Reputationsafe
https://excel.new?from=EdgeM365Shoreline0%URL Reputationsafe
https://drive-daily-5.corp.google.com/0%URL Reputationsafe
https://github.com/mozilla-services/screenshots0%Avira URL Cloudsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield0%URL Reputationsafe
http://exslt.org/sets0%Avira URL Cloudsafe
https://bzib.nelreports.net/api/report?cat=bingbusiness0%URL Reputationsafe
http://exslt.org/dates-and-timesP50%Avira URL Cloudsafe
https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=0%URL Reputationsafe
https://bugzilla.mo0%URL Reputationsafe
https://mitmdetection.services.mozilla.com/0%URL Reputationsafe
https://static.adsafeprotected.com/firefox-etp-js0%URL Reputationsafe
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref0%URL Reputationsafe
http://exslt.org/common0%Avira URL Cloudsafe
https://drive-preprod.corp.google.com/0%URL Reputationsafe
https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/0%Avira URL Cloudsafe
https://web.telegram.org/0%Avira URL Cloudsafe
http://ocsp.rootca1.amazontrust.com0:0%Avira URL Cloudsafe
https://www.youtube.com/0%Avira URL Cloudsafe
https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture0%URL Reputationsafe
https://spocs.getpocket.com/0%URL Reputationsafe
https://services.addons.mozilla.org/api/v4/abuse/report/addon/0%URL Reputationsafe
https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%0%URL Reputationsafe
https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f0%URL Reputationsafe
https://monitor.firefox.com/user/breach-stats?includeResolved=true0%URL Reputationsafe
https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report0%URL Reputationsafe
https://outlook.live.com/mail/0/0%URL Reputationsafe
https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-0%URL Reputationsafe
https://www.google.com/favicon.ico0%Avira URL Cloudsafe
https://safebrowsing.google.com/safebrowsing/diagnostic?site=0%URL Reputationsafe
http://127.0.0.1:0%Avira URL Cloudsafe
https://amazon.com0%Avira URL Cloudsafe
https://monitor.firefox.com/user/dashboard0%URL Reputationsafe
https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID0%URL Reputationsafe
https://www.tsn.ca0%URL Reputationsafe
https://tidal.com/0%URL Reputationsafe
https://monitor.firefox.com/about0%URL Reputationsafe
https://account.bellmedia.c0%URL Reputationsafe
https://www.openh264.org/0%URL Reputationsafe
https://gaana.com/0%URL Reputationsafe
https://coverage.mozilla.org0%URL Reputationsafe
https://csp.withgoogle.com/csp/report-to/AccountsSignInUi0%URL Reputationsafe
https://outlook.live.com/mail/compose?isExtension=true0%URL Reputationsafe
https://blocked.cdn.mozilla.net/0%URL Reputationsafe
http://developer.mozilla.org/en/docs/DOM:element.addEventListener0%URL Reputationsafe
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde74770%Avira URL Cloudsafe
https://chrome.google.com/webstore/0%Avira URL Cloudsafe
https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r0%Avira URL Cloudsafe
https://clients2.googleusercontent.com/crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx0%Avira URL Cloudsafe
https://bard.google.com/0%Avira URL Cloudsafe
https://www.office.com0%Avira URL Cloudsafe
http://www.inbox.lv/rfc2368/?value=%su0%Avira URL Cloudsafe
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi0%Avira URL Cloudsafe
https://www.tsn.caZ0%Avira URL Cloudsafe
http://mozilla.org/MPL/2.0/.0%Avira URL Cloudsafe
https://login.microsoftonline.com0%Avira URL Cloudsafe
http://crl.thawte.com/ThawteTimestampingCA.crl00%Avira URL Cloudsafe
http://x1.c.lencr.org/00%Avira URL Cloudsafe
http://x1.i.lencr.org/00%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
example.org
93.184.215.14
truefalse
    		unknown
    chrome.cloudflare-dns.com
    		172.64.41.3
    		truefalse
      		unknown
      prod.classify-client.prod.webservices.mozgcp.net
      		35.190.72.216
      		truefalse
        		unknown
        prod.balrog.prod.cloudops.mozgcp.net
        		35.244.181.201
        		truefalse
          		unknown
          prod.detectportal.prod.cloudops.mozgcp.net
          		34.107.221.82
          		truefalse
            		unknown
            services.addons.mozilla.org
            		52.222.236.23
            		truefalse
              		unknown
              ipv4only.arpa
              		192.0.0.170
              		truefalse
                		unknown
                ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                		94.245.104.56
                		truefalse
                  		unknown
                  prod.remote-settings.prod.webservices.mozgcp.net
                  		34.149.100.209
                  		truefalse
                    		unknown
                    googlehosted.l.googleusercontent.com
                    		142.250.185.65
                    		truefalse
                      		unknown
                      sni1gl.wpc.nucdn.net
                      		152.199.21.175
                      		truefalse
                        		unknown
                        telemetry-incoming.r53-2.services.mozilla.com
                        		34.120.208.123
                        		truefalse
                          		unknown
                          detectportal.firefox.com
                          		unknown
                          		unknownfalse
                            		unknown
                            clients2.googleusercontent.com
                            		unknown
                            		unknownfalse
                              		unknown
                              bzib.nelreports.net
                              		unknown
                              		unknownfalse
                                		unknown
                                firefox.settings.services.mozilla.com
                                		unknown
                                		unknownfalse
                                  		unknown

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  https://www.google.com/favicon.icofalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://clients2.googleusercontent.com/crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crxfalse
                                  • Avira URL Cloud: safe
                                  		unknown

                                  URLs from Memory and Binaries

                                  NameSourceMaliciousAntivirus DetectionReputation
                                  https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://detectportal.firefox.com/firefox.exe, 00000005.00000003.2476540516.000002409CB2D000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.msn.comZfirefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://services.addons.mozilla.orgfirefox.exe, 00000005.00000003.2789264579.00000240993F0000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.mozilla.com0firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000012.00000002.3329957378.0000018443999000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://csp.withgoogle.com/csp/report-to/apps-themesReporting and NEL.9.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://spocs.getpocket.com/spocsfirefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://docs.google.com/manifest.json0.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://screenshots.firefox.comfirefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.youtube.com31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://completion.amazon.com/search/complete?q=firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://ads.stickyadstv.com/firefox-etpfirefox.exe, 00000005.00000003.2490394108.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DD83000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2243897678.000002409DD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.instagram.com31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://monitor.firefox.com/breach-details/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.amazon.com/exec/obidos/external-search/firefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2768528442.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244647347.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144393504.000002409D080000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2480877202.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2246835045.000002409DCCE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475190021.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788279722.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2491387252.000002409DCD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2290635640.000002409DCD0000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://profiler.firefox.com/firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.msn.comfirefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247820800.000002409D9A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://outlook.office.com/mail/compose?isExtension=true31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://github.com/mozilla-services/screenshotsfirefox.exe, 00000005.00000003.2140776897.000002409CE00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2142321397.000002409D03D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2144020852.000002409D05F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2140971232.000002409D01C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://exslt.org/setsfirefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://exslt.org/dates-and-timesP5firefox.exe, 00000005.00000003.2292775986.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2533277445.0000024099181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2953161333.0000024099181000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://i.y.qq.com/n2/m/index.html31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.deezer.com/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://web.telegram.org/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingfirefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://api.accounts.firefox.com/v1firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://exslt.org/commonfirefox.exe, 00000005.00000003.2532892624.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292240962.000002409918E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2789533288.000002409918A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952632105.000002409918E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://drive-daily-2.corp.google.com/manifest.json0.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://fpn.firefox.comfirefox.exe, 00000005.00000003.2249337998.000002409B3DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2249500185.000002409B38F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2483017787.0000024099DB2000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 00000005.00000003.2289194503.00000240A0ABD000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://ocsp.rootca1.amazontrust.com0:firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://drive-daily-1.corp.google.com/manifest.json0.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://excel.new?from=EdgeM365Shoreline31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.youtube.com/firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://drive-daily-5.corp.google.com/manifest.json0.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://bzib.nelreports.net/api/report?cat=bingbusinessReporting and NEL.9.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://127.0.0.1:firefox.exe, 00000005.00000003.2248120040.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2492675453.000002409CE73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000002.3337640147.000002408CB6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://bugzilla.mofirefox.exe, 00000005.00000003.2243307554.000002409FBCA000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://mitmdetection.services.mozilla.com/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://amazon.comfirefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 00000005.00000003.2243897678.000002409DDF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2490394108.000002409DDF5000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&reffirefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://drive-preprod.corp.google.com/manifest.json0.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477firefox.exe, 00000005.00000003.2789533288.00000240991B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3330835195.000002071B4CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://chrome.google.com/webstore/manifest.json.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://spocs.getpocket.com/firefox.exe, 00000005.00000003.2481844978.000002409CB04000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000005.00000003.2450075349.000002409DE33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://bard.google.com/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.office.com31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://outlook.live.com/mail/0/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-firefox.exe, 00000005.00000003.2531900347.0000024099DC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2482329845.0000024099DC5000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYifirefox.exe, 00000012.00000002.3334297902.0000018444003000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.5.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.inbox.lv/rfc2368/?value=%sufirefox.exe, 00000005.00000003.2248750417.000002409CB98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2475513133.000002409CBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449660946.000002409CBA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2481266651.000002409CBA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2253333167.000002409CBB0000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://monitor.firefox.com/user/dashboardfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.tsn.caZfirefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.tsn.cafirefox.exe, 00000005.00000003.2287812899.00003F057CA03000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://tidal.com/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://monitor.firefox.com/aboutfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://mozilla.org/MPL/2.0/.firefox.exe, 00000005.00000003.2890963956.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154354366.000002409D5D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2248471810.000002409CD3F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2449486106.000002409CE34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2242829106.00000240A006B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2268359542.000002430003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2900039604.000002409D5F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2156868789.000002409D5D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2890963956.000002409D5B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2531288077.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2901995722.000002409D037000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2252617341.000002409F9CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2788464539.000002409D936000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2196890631.000002409FFCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2896735245.000002409D5B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2247475792.000002409D940000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2235417964.000002409D5DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2154151308.000002409D5F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2236468884.000002409D5DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://account.bellmedia.cfirefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.openh264.org/firefox.exe, 00000005.00000003.2789413242.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2952549951.00000240993C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2532628861.00000240993D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2292130151.00000240993D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://gaana.com/31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://login.microsoftonline.comfirefox.exe, 00000005.00000003.2241273572.00000240A0A59000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://coverage.mozilla.orgfirefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://crl.thawte.com/ThawteTimestampingCA.crl0firefox.exe, 00000005.00000003.2487359852.00000240A003D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2496055924.000002409E800000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.5.drfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://csp.withgoogle.com/csp/report-to/AccountsSignInUiReporting and NEL.9.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://x1.c.lencr.org/0firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://x1.i.lencr.org/0firefox.exe, 00000005.00000003.2788174419.000002409DCF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2244595446.000002409DCF9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://outlook.live.com/mail/compose?isExtension=true31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp.8.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://blocked.cdn.mozilla.net/firefox.exe, 0000000B.00000002.3329927616.000002071B1E0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3329027596.0000018443870000.00000002.08000000.00040000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 00000005.00000003.2477823650.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0AE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2241273572.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000005.00000003.2250178189.00000240A0A8E000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown

                                  World Map of Contacted IPs

                                  • No. of IPs < 25%
                                  • 25% < No. of IPs < 50%
                                  • 50% < No. of IPs < 75%
                                  • 75% < No. of IPs

                                  Public IPs

                                  IPDomainCountryFlagASNASN NameMalicious
                                  13.107.246.40
                                  		unknownUnited States
                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                  23.55.235.170
                                  		unknownUnited States
                                  		20940AKAMAI-ASN1EUfalse
                                  152.195.19.97
                                  		unknownUnited States
                                  		15133EDGECASTUSfalse
                                  23.59.250.72
                                  		unknownUnited States
                                  		20940AKAMAI-ASN1EUfalse
                                  162.159.61.3
                                  		unknownUnited States
                                  		13335CLOUDFLARENETUSfalse
                                  52.222.236.23
                                  		services.addons.mozilla.orgUnited States
                                  		16509AMAZON-02USfalse
                                  142.251.40.174
                                  		unknownUnited States
                                  		15169GOOGLEUSfalse
                                  172.64.41.3
                                  		chrome.cloudflare-dns.comUnited States
                                  		13335CLOUDFLARENETUSfalse
                                  34.120.208.123
                                  		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                  		15169GOOGLEUSfalse
                                  142.250.185.65
                                  		googlehosted.l.googleusercontent.comUnited States
                                  		15169GOOGLEUSfalse
                                  64.233.180.84
                                  		unknownUnited States
                                  		15169GOOGLEUSfalse
                                  142.250.65.174
                                  		unknownUnited States
                                  		15169GOOGLEUSfalse
                                  94.245.104.56
                                  		ssl.bingadsedgeextension-prod-europe.azurewebsites.netUnited Kingdom
                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                  34.149.100.209
                                  		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                  		2686ATGS-MMD-ASUSfalse
                                  34.107.221.82
                                  		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                  		15169GOOGLEUSfalse
                                  35.244.181.201
                                  		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                  		15169GOOGLEUSfalse
                                  239.255.255.250
                                  		unknownReserved
                                  		unknownunknownfalse
                                  35.190.72.216
                                  		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                  		15169GOOGLEUSfalse
                                  142.251.35.164
                                  		unknownUnited States
                                  		15169GOOGLEUSfalse

                                  Private

                                  IP
                                  192.168.2.6
                                  192.168.2.5
                                  127.0.0.1

                                  General Information

                                  Joe Sandbox version:40.0.0 Tourmaline
                                  Analysis ID:1504861
                                  Start date and time:2024-09-05 14:30:11 +02:00
                                  Joe Sandbox product:CloudBasic
                                  Overall analysis duration:0h 7m 43s
                                  Hypervisor based Inspection enabled:false
                                  Report type:full
                                  Cookbook file name:default.jbs
                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                  Number of analysed new started processes analysed:25
                                  Number of new started drivers analysed:0
                                  Number of existing processes analysed:0
                                  Number of existing drivers analysed:0
                                  Number of injected processes analysed:0
                                  Technologies:
                                  • HCA enabled
                                  • EGA enabled
                                  • AMSI enabled
                                  Analysis Mode:default
                                  Analysis stop reason:Timeout
                                  Sample name:file.exe
                                  Detection:MAL
                                  Classification:mal64.evad.winEXE@71/277@34/22
                                  EGA Information:
                                  • Successful, ratio: 50%
                                  HCA Information:
                                  • Successful, ratio: 97%
                                  • Number of executed functions: 39
                                  • Number of non-executed functions: 320
                                  Cookbook Comments:
                                  • Found application associated with file extension: .exe

                                  Warnings

                                  • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                  • Excluded IPs from analysis (whitelisted): 142.251.168.84, 13.107.42.16, 216.58.206.78, 13.107.21.239, 204.79.197.239, 13.107.6.158, 2.19.126.152, 2.19.126.145, 172.217.16.195, 2.23.209.179, 2.23.209.183, 2.23.209.173, 2.23.209.182, 2.23.209.169, 2.23.209.167, 2.23.209.171, 2.23.209.181, 2.23.209.168, 142.250.186.99, 20.191.45.158, 20.199.58.43, 93.184.221.240, 192.229.221.95, 2.22.61.57, 2.22.61.59, 172.217.16.206, 172.217.16.142, 142.250.65.163, 142.251.35.163, 142.251.32.99
                                  • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, slscr.update.microsoft.com, a416.dscd.akamai.net, aus5.mozilla.org, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, a19.dscg10.akamai.net, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.gstatic.com, l-0007.l-msedge.net, www.bing.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, wildcardtlu-ssl.azureedge.net, clients.l.google.com, telem-edge.smartscreen.microsoft.com, location.services.mozilla.com, ciscobinary.openh264.org, config.edge.skype.com.trafficmanager.net, incoming.telemetry.mozilla.org, a17.rackcdn.com.mdc.edgesuite.net, iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com, arc.msn.com, www.bing.com.edgekey.net, redirector.gvt1.com, msedge.b.tlu.dl.delivery.mp.microsoft.com, arc.trafficm
                                  • Execution Graph export aborted for target firefox.exe, PID 1816 because it is empty
                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                  • Report size exceeded maximum capacity and may have missing disassembly code.
                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                  • Report size getting too big, too many NtOpenFile calls found.
                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                  • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                  • VT rate limit hit for: file.exe

                                  Simulations

                                  Behavior and APIs

                                  No simulations

                                  Joe Sandbox View / Context

                                  IPs

                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                  13.107.246.40Payment Transfer Receipt.shtmlGet hashmaliciousHTMLPhisherBrowse
                                  • www.aib.gov.uk/
                                  NEW ORDER.xlsGet hashmaliciousUnknownBrowse
                                  • 2s.gg/3zs
                                  PO_OCF 408.xlsGet hashmaliciousUnknownBrowse
                                  • 2s.gg/42Q
                                  06836722_218 Aluplast.docx.docGet hashmaliciousUnknownBrowse
                                  • 2s.gg/3zk
                                  Quotation.xlsGet hashmaliciousUnknownBrowse
                                  • 2s.gg/3zM
                                  23.55.235.170file.exeGet hashmaliciousUnknownBrowse
                                    file.exeGet hashmaliciousUnknownBrowse
                                      file.exeGet hashmaliciousUnknownBrowse
                                        file.exeGet hashmaliciousAmadey, StealcBrowse
                                          file.exeGet hashmaliciousUnknownBrowse
                                            file.exeGet hashmaliciousUnknownBrowse
                                              file.exeGet hashmaliciousUnknownBrowse
                                                file.exeGet hashmaliciousUnknownBrowse
                                                  file.exeGet hashmaliciousUnknownBrowse
                                                    file.exeGet hashmaliciousUnknownBrowse
                                                      152.195.19.97http://ustteam.com/Get hashmaliciousUnknownBrowse
                                                      • www.ust.com/

                                                      Domains

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      services.addons.mozilla.orgfile.exeGet hashmaliciousUnknownBrowse
                                                      • 18.65.39.4
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 108.156.60.108
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 18.65.39.85
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.48
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.80
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.120
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.80
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.120
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.80
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 52.222.236.120
                                                      example.orgfile.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 93.184.215.14
                                                      chrome.cloudflare-dns.comfile.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 172.64.41.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 172.64.41.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 162.159.61.3
                                                      ipv4only.arpafile.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.171
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.171
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 192.0.0.170

                                                      ASNs

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      AKAMAI-ASN1EUfile.exeGet hashmaliciousUnknownBrowse
                                                      • 23.200.0.9
                                                      https://1drv.ms/o/s!Ajq9zC5M8q4HgQZYMFwoYdIgQ7Uc?e=V7cJrHGet hashmaliciousUnknownBrowse
                                                      • 2.16.238.6
                                                      Inspection Notice.msgGet hashmaliciousHTMLPhisherBrowse
                                                      • 92.123.101.112
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.54.161.105
                                                      Rechnung.pdfGet hashmaliciousUnknownBrowse
                                                      • 2.16.241.13
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.59.250.91
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.44.201.7
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.44.201.5
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 104.126.116.19
                                                      SyncTextReader.exeGet hashmaliciousFormBookBrowse
                                                      • 172.232.25.148
                                                      AKAMAI-ASN1EUfile.exeGet hashmaliciousUnknownBrowse
                                                      • 23.200.0.9
                                                      https://1drv.ms/o/s!Ajq9zC5M8q4HgQZYMFwoYdIgQ7Uc?e=V7cJrHGet hashmaliciousUnknownBrowse
                                                      • 2.16.238.6
                                                      Inspection Notice.msgGet hashmaliciousHTMLPhisherBrowse
                                                      • 92.123.101.112
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.54.161.105
                                                      Rechnung.pdfGet hashmaliciousUnknownBrowse
                                                      • 2.16.241.13
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.59.250.91
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.44.201.7
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 23.44.201.5
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 104.126.116.19
                                                      SyncTextReader.exeGet hashmaliciousFormBookBrowse
                                                      • 172.232.25.148
                                                      EDGECASTUShttps://www.carsoup.com/api/v1/connections/store?type=web_referrals&dealer_id=18689&redirect=https%3A%2F%2Flyn.bz/bbbGet hashmaliciousHTMLPhisherBrowse
                                                      • 152.199.21.175
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 152.195.19.97
                                                      https://buysuhagra.shop/ePFcjxsxGet hashmaliciousHTMLPhisherBrowse
                                                      • 152.199.21.175
                                                      http://jan47nfhc.3utilities.com/#SAK0BE-SUREJACKZ3J6ZWdvcnouZ2FsYXJhQGNjYy5ldQ==Get hashmaliciousUnknownBrowse
                                                      • 152.195.15.58
                                                      Fatura_200393871.pdfGet hashmaliciousUnknownBrowse
                                                      • 152.199.21.175
                                                      https://1drv.ms/o/s!Ajq9zC5M8q4HgQZYMFwoYdIgQ7Uc?e=V7cJrHGet hashmaliciousUnknownBrowse
                                                      • 152.199.19.160
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 152.195.19.97
                                                      Rechnung.pdfGet hashmaliciousUnknownBrowse
                                                      • 93.184.221.240
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 152.195.19.97
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 152.195.19.97
                                                      MICROSOFT-CORP-MSN-AS-BLOCKUSSecuriteInfo.com.Linux.Siggen.9999.17528.22528.elfGet hashmaliciousMiraiBrowse
                                                      • 104.44.100.176
                                                      SecuriteInfo.com.Linux.Siggen.9999.8352.26322.elfGet hashmaliciousMiraiBrowse
                                                      • 20.169.249.56
                                                      https://www.carsoup.com/api/v1/connections/store?type=web_referrals&dealer_id=18689&redirect=https%3A%2F%2Flyn.bz/bbbGet hashmaliciousHTMLPhisherBrowse
                                                      • 13.107.6.156
                                                      firmware.armv4l.elfGet hashmaliciousUnknownBrowse
                                                      • 22.97.108.98
                                                      firmware.armv5l.elfGet hashmaliciousUnknownBrowse
                                                      • 22.97.108.98
                                                      firmware.armv7l.elfGet hashmaliciousUnknownBrowse
                                                      • 21.114.101.100
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 13.107.246.45
                                                      firmware.i586.elfGet hashmaliciousUnknownBrowse
                                                      • 21.114.101.100
                                                      firmware.mipsel.elfGet hashmaliciousUnknownBrowse
                                                      • 22.97.108.98
                                                      firmware.sh4.elfGet hashmaliciousUnknownBrowse
                                                      • 20.55.127.67

                                                      JA3 Fingerprints

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      1138de370e523e824bbca92d049a37771d0000.MSBuild.exeGet hashmaliciousXehook StealerBrowse
                                                      • 23.1.237.91
                                                      http://cdn.btmessage.comGet hashmaliciousHTMLPhisherBrowse
                                                      • 23.1.237.91
                                                      RANGLANDLAW.xlsxGet hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://mentmaskloegionn.gitbook.io/us/Get hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://pub-ca22a10ffb7349aca30da700c49a0d87.r2.dev/index.htmlGet hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      https://qt6ata.shop/?dre=f06d4Get hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://pub-5f9157fad7fd426bad68e1875cc4842e.r2.dev/uhtdex.htmlGet hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://pub-33cba1b1aa61453b9e89a582d09f5287.r2.dev/index.htmlGet hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://opposite-test-user-admin.surge.sh/index.htmlGet hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      http://coibicxsigninlogin.gitbook.io/Get hashmaliciousUnknownBrowse
                                                      • 23.1.237.91
                                                      28a2c9bd18a11de089ef85a160da29e4http://beonlineboo.comGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      http://cdn.btmessage.comGet hashmaliciousHTMLPhisherBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      https://inboxsender.gxsearch.club/redir5/serial.phpGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      https://gunxt71ylj.swanprincessseries.shop/?email=redacted_emailGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      https://www.sharepointle.com/nam/b7c7f9fb-10af-4a78-b055-1aae28072d54/63ec8c0e-31c8-42ea-a890-b6ee6a16a759/8ca39e5f-fb4f-4462-a716-7a468ff934d1/login?id=M3JjNFNGc2tnZHFtT29GMmRvdXdkdWJaU2hKa214Uk5hc2szK1RuV1Y3NHJKY1hxV01BcVZZeFdWVXJ1SUgwU0pEc2JLRGIyTUVLL1hVZzBMUkhtdjNqY2ZUdy9tV1k5N0I4ZGtFS3dCQlBPV29udmRXMjUzb1pTTjl4NkxJQnQyS3RRQkV0U2gwTTJ6SkZwMUhXV1FaUGRSRmg5NEJGcmpLem8zYlNtR05LTGZRZGRYMHJ0QmRncXR1R0xGYnpnYVFweEZ4Mkcvb2xMcnNZNEdLRUxFcy9vaWNIQ3N3eXhwbFdkVVFrWHVrRXM1OXJiUzVaQWtCTE1QM1RvYmNGdXJzTzViblB1S2RlYm9zVHh2RUJ2QmFtUDRBcG9pZS9qZnU2UnR3V0o1NWVQRGJCQThxbnhXV2RaWTRsb3BpN3dpM3g5ZWk2dkVCbHN3SWtpSEUvT3phS3p6SkZndW83SzRwK241Y1U1N25pQSt6ZE1KL1QvZmMyeEc5c0pzcFRWYi85UmtJS1M2WmpUajFpaC9aL0hSRytJY2ZWbkw3bEw3Q2lyc1ljVk5NQT0Get hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      https://augeanremittancedata647489329364783926443292837.s3.ap-southeast-2.amazonaws.com/rer6t7yuhyvfy.htmGet hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      https://complaint.room2222.world/apartment/98754Get hashmaliciousUnknownBrowse
                                                      • 40.126.31.69
                                                      • 2.18.97.153
                                                      • 20.114.59.183
                                                      fb0aa01abe9d8e4037eb3473ca6e2dcafile.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123
                                                      file.exeGet hashmaliciousUnknownBrowse
                                                      • 35.244.181.201
                                                      • 34.149.100.209
                                                      • 52.222.236.23
                                                      • 34.120.208.123

                                                      Dropped Files

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpfile.exeGet hashmaliciousUnknownBrowse
                                                        file.exeGet hashmaliciousUnknownBrowse
                                                          file.exeGet hashmaliciousUnknownBrowse
                                                            file.exeGet hashmaliciousUnknownBrowse
                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                    file.exeGet hashmaliciousUnknownBrowse
                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)file.exeGet hashmaliciousUnknownBrowse
                                                                            file.exeGet hashmaliciousUnknownBrowse
                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                file.exeGet hashmaliciousUnknownBrowse
                                                                                  file.exeGet hashmaliciousUnknownBrowse
                                                                                    file.exeGet hashmaliciousUnknownBrowse
                                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                            file.exeGet hashmaliciousUnknownBrowse

                                                                                              Created / dropped Files

                                                                                              C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_4d666f67-10b5-405b-8844-922ee1773494.json (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):6439
                                                                                              Entropy (8bit):5.141840725976398
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:FKMiEm5cbhbVbTbfbRbObtbyEznpnSrDtTZdB:FPMcNhnzFSJ7nSrDhZdB
                                                                                              MD5:421EA304E00AD86BACCCA0A6CE63945C
                                                                                              SHA1:AAEDC083E9FAFC96582BBE1958722E67DCE79BE4
                                                                                              SHA-256:F26559DF413EAE6828B02C7E7187FBD79B68B53CB26883714E226A08EC0BCCDB
                                                                                              SHA-512:ADCB153120095DBD8545D4E779E8F837937C463670DE295216DFD4642E3A07CE886D8FAF54C4DC0B7AF1347DC925634C62F652FA6B0E1399EA8742F96DB747D9
                                                                                              Malicious:false
                                                                                              Preview:{"type":"uninstall","id":"4d666f67-10b5-405b-8844-922ee1773494","creationDate":"2024-09-05T14:23:54.755Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                              C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_4d666f67-10b5-405b-8844-922ee1773494.json.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):6439
                                                                                              Entropy (8bit):5.141840725976398
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:FKMiEm5cbhbVbTbfbRbObtbyEznpnSrDtTZdB:FPMcNhnzFSJ7nSrDhZdB
                                                                                              MD5:421EA304E00AD86BACCCA0A6CE63945C
                                                                                              SHA1:AAEDC083E9FAFC96582BBE1958722E67DCE79BE4
                                                                                              SHA-256:F26559DF413EAE6828B02C7E7187FBD79B68B53CB26883714E226A08EC0BCCDB
                                                                                              SHA-512:ADCB153120095DBD8545D4E779E8F837937C463670DE295216DFD4642E3A07CE886D8FAF54C4DC0B7AF1347DC925634C62F652FA6B0E1399EA8742F96DB747D9
                                                                                              Malicious:false
                                                                                              Preview:{"type":"uninstall","id":"4d666f67-10b5-405b-8844-922ee1773494","creationDate":"2024-09-05T14:23:54.755Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\16a73249-6c99-43b3-b639-4a5eef0ee402.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):45633
                                                                                              Entropy (8bit):6.086650850641762
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:mMGQ7FCYXGIgtDAWtJ4n9Dn/3hDO6vP6OrPkIt+Lqb/lEeCAonGoup1Xl3jVzXr+:mMGQ5XMBG9D06L3WeRonhu3VlXr49
                                                                                              MD5:6AB0E5AC8C52EFCA19465E6047312523
                                                                                              SHA1:EC934BF650522FD8F30296DAF4D5AA1D88EBFA4A
                                                                                              SHA-256:E143602692616B3AEBA812E9962B067FE2564981921C948FCBFB903534D811E2
                                                                                              SHA-512:51268FB72BCB1F7525D80AEAF9E96AF2007CFFCE42F3475D9E4BECAF9A523FFE3FEA13CF926114E1134D5D4C02000DC0D57C9A510CBDCE8FCFFFA4A7765EF4A5
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\18040e10-a581-403d-9f6f-cfa1fbf7818b.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):45710
                                                                                              Entropy (8bit):6.08653406960929
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:mMGQ7FCYXGIgtDAWtJ4IoDn/3hDO6vP6OrHkIt+Lqb/lEeCAonGoup1Xl3jVzXr+:mMGQ5XMBDoD06LvWeRonhu3VlXr49
                                                                                              MD5:D49151AB981A7BDE42D2D03F569367A6
                                                                                              SHA1:853843249ACFB03F2DE711579F00B696482CADE7
                                                                                              SHA-256:6D3A38B310CB45F4864A810F7B390908448D3E805BD1E254E213B72089CCD4BE
                                                                                              SHA-512:3E8B9F8BEE447CA9FC2FF3AAADDA73443764BCD7339DBF092C0B2EFC033DC670421E4C042910E622117033A5DBDC1577F0D4953ECC5CB6FDD686C627579A311D
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4885a36e-a371-48c6-8c09-d0f80e760ccd.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44656
                                                                                              Entropy (8bit):6.096062833765968
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBjwuOhDO6vP6OrPkIt+Lqb/cGoup1Xl3jVzXr4CCz:z/Ps+wsI7yOEv6L3chu3VlXr4CRo1
                                                                                              MD5:F5A7DE9A6469018CF69091A66FBC9416
                                                                                              SHA1:9197B67139B7FA604C8FBB978CB714FED0CA3D6B
                                                                                              SHA-256:0ACE8F5E4DF21854CCA72C8AAB3B3ADCA04B263CCECBD51D37A3CCCD6DBC9C73
                                                                                              SHA-512:46875153441EC5DF5107FA062B3C0C28E0FFA8F179A07EB739BE265229E47671E117E7136952358F7C6C296AC4D5869E8D3FE207AEEC4C1759B5ADC60CA92175
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\75c9fa31-5b4a-45e3-a4e6-677e095abe56.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7b91fb6c-8e26-49c1-a9a6-23cd71aa7572.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44600
                                                                                              Entropy (8bit):6.0959925167460405
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBmwuOhDO6vP6OrLVIm5RclcGoup1Xl3jVzXr4CCAg:z/Ps+wsI7ynEQ6LEchu3VlXr4CRo1
                                                                                              MD5:71E7FD3DDF5172776FF07847D521CFC5
                                                                                              SHA1:C379E29E93300CE5A78331C9D6DD4A741C239267
                                                                                              SHA-256:555B111F5BFFF1CDE0BA30F7FF16D390A45BDE5D48782126D50B3693795C1BD3
                                                                                              SHA-512:8B708BEA8AD429C4E989B6FD0F8DF59B0495479EECDCEA6C3087CD03FFA658DDC307F448888CE3C55A7B39A2DC6C608D240A03675241DCF8AB3558772F1E9B4A
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\73dad07c-6633-4ba6-8756-fc2879b35d23.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):107893
                                                                                              Entropy (8bit):4.640149995732079
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P75:fwUQC5VwBIiElEd2K57P75
                                                                                              MD5:AD9FA3B6C5E14C97CFD9D9A6994CC84A
                                                                                              SHA1:EF063B4A4988723E0794662EC9D9831DB6566E83
                                                                                              SHA-256:DCC7F776DBDE2DB809D3402FC302DB414CF67FE5D57297DDDADCE1EE42CFCE8F
                                                                                              SHA-512:81D9D59657CAF5805D2D190E8533AF48ACEBFFF63409F5A620C4E08F868710301A0C622D7292168048A9BC16C0250669FAAA2DCBF40419740A083C6ED5D79CFA
                                                                                              Malicious:false
                                                                                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):107893
                                                                                              Entropy (8bit):4.640149995732079
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P75:fwUQC5VwBIiElEd2K57P75
                                                                                              MD5:AD9FA3B6C5E14C97CFD9D9A6994CC84A
                                                                                              SHA1:EF063B4A4988723E0794662EC9D9831DB6566E83
                                                                                              SHA-256:DCC7F776DBDE2DB809D3402FC302DB414CF67FE5D57297DDDADCE1EE42CFCE8F
                                                                                              SHA-512:81D9D59657CAF5805D2D190E8533AF48ACEBFFF63409F5A620C4E08F868710301A0C622D7292168048A9BC16C0250669FAAA2DCBF40419740A083C6ED5D79CFA
                                                                                              Malicious:false
                                                                                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):4194304
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3::
                                                                                              MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                              SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                              SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                              SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                              Malicious:false
                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):4194304
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3::
                                                                                              MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                              SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                              SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                              SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                              Malicious:false
                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D9A48C-173C.pma

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):4194304
                                                                                              Entropy (8bit):0.47808659280568794
                                                                                              Encrypted:false
                                                                                              SSDEEP:3072:vnGGXGaWUay+TBxI0fS1Ag1HF04OJ58eexqJPjrdRwGeg1HFXMXtM:uGXI2KBxXS1AaHa4i8jxqhdRwGeaHmX
                                                                                              MD5:54A5239844BE592D01AC5BBD851882E6
                                                                                              SHA1:1536B41A9756407C5EBC4DADE818CE0897823C27
                                                                                              SHA-256:E3757C03DA35F7CF434FC0354A8B1FF80C428D24EB50E346FEA3731CC91F2E5C
                                                                                              SHA-512:059377E3C4F5E81F8824C7F197352F47008FB0885DF5E8FC44BE35C00785D8DF467348C8687743D5FC7DDF3687F917EFE2A950984C3673BAEC40502DA1561B9B
                                                                                              Malicious:false
                                                                                              Preview:...@..@...@.....C.].....@...............P...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".cconrh20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K..>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2......._...... .2........6......

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):280
                                                                                              Entropy (8bit):4.132041621771752
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5x1:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                              MD5:845CFA59D6B52BD2E8C24AC83A335C66
                                                                                              SHA1:6882BB1CE71EB14CEF73413EFC591ACF84C63C75
                                                                                              SHA-256:29645C274865D963D30413284B36CC13D7472E3CD2250152DEE468EC9DA3586F
                                                                                              SHA-512:8E0E7E8CCDC8340F68DB31F519E1006FA7B99593A0C1A2425571DAF71807FBBD4527A211030162C9CE9E0584C8C418B5346C2888BEDC43950BF651FD1D40575E
                                                                                              Malicious:false
                                                                                              Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\12a18608-0976-479b-9427-bb63dd725c19.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):13306
                                                                                              Entropy (8bit):5.281115885603968
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDiuabatSuyIfsyusZihaEXxRky3k8wbV+FICQA66WVlaFIMYQPUYJ:stuPGQSudsyufhaEXxQbGBQx6WVlaTY4
                                                                                              MD5:E68C1D67F739B0309125CE1BC0443AF4
                                                                                              SHA1:3EAD2E8BC6C7013EB031C2EE706FA8F5248772CA
                                                                                              SHA-256:EC56987BB8C8C462CAA562EE4E72EB9FC47C5EA7F7D5D55E0515DC0FA2C616FD
                                                                                              SHA-512:7660852DF2E69290560750ECFF308646B29924738A22B73752EF7C6771293B72295C38BA305E48E19F5D6A82DAB3C160BEF00DC229B44DFF988FB191B1EC2EE2
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1cd20c98-0f91-4f70-9b78-1a352222de74.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:very short file (no magic)
                                                                                              Category:dropped
                                                                                              Size (bytes):1
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:L:L
                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                              Malicious:false
                                                                                              Preview:.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\31aabcfb-9026-4872-954c-0e10f9ff5ff2.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):115717
                                                                                              Entropy (8bit):5.183660917461099
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                              Malicious:false
                                                                                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4be7b9a9-3e05-4db7-82d2-3d0a7853af00.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\581f24fb-013e-488d-986f-7ef1b87098b8.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:very short file (no magic)
                                                                                              Category:dropped
                                                                                              Size (bytes):1
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:L:L
                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                              Malicious:false
                                                                                              Preview:.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8c89ad1f-07c7-4fdb-ab79-25e4b10bdcaa.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):13141
                                                                                              Entropy (8bit):5.283546071702742
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDiuabatSuyIfsyusZihaEXxRky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGQSudsyufhaEXxQbGBQx6WdaTY4
                                                                                              MD5:54DAD996BDF2681D471106CAF8321516
                                                                                              SHA1:F25A834E91387118C6380DFE86E7976DD305A900
                                                                                              SHA-256:135B4626B7FC930C742E38762BC3B6E50BCC7E78226003D16FB374263EEE5F96
                                                                                              SHA-512:CE6DB02335BC406CB5028A8966393C074C8B01B02412A91F6BF2AA91C863B532FFADCB6D4C67DA396D8278866E4DD36801EF196E7331D195BDCC69060BDE4B44
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9c806900-d04b-4268-b92a-dda7e39c83f9.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):35272
                                                                                              Entropy (8bit):5.556546860023451
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:X/JfJSWPawfzk8F1+UoAYDCx9Tuqh0VfUC9xbog/OVzxbDkrwTO8p0qKp9tuO:X/JfJSWPawfzku1jaWhD9TO8Lgt9
                                                                                              MD5:1606E14F82AD0BF873B2C3627AEBCC42
                                                                                              SHA1:525B5E42BD4381FDBD4224BFBEC0441C3A80B1C5
                                                                                              SHA-256:96127C7B42D83A18A66EA8AB4BD4CDFEBAEBF6A0842EC4CFB83093E18FFB7871
                                                                                              SHA-512:4B95F1C6942B3B873B76B97FC89A535E8BC5F1E40BFC549A07708C7B67904A85F206415DB33883E86069DE797469FD7295E4B1D12FAAE5AB4BA5807E18ED6643
                                                                                              Malicious:false
                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13370013068441405","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13370013068441405","location":5,"ma

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9f302c3b-5635-42fe-a8d9-bd85cfeb9187.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):13306
                                                                                              Entropy (8bit):5.281072843532447
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDiuabatSuyIfsyusZihaEXxRky3k8wbV+FICQA66WZlaFIMYQPUYJ:stuPGQSudsyufhaEXxQbGBQx6WZlaTY4
                                                                                              MD5:F840335F40222ED59E8E461B70ED0F53
                                                                                              SHA1:7EF068D2BDE3053F5E9371B65AD5AB605C9A66A2
                                                                                              SHA-256:19F1738156E84C81C4D8FF037EE3146B9179B256118E3BD10D048B18483D1989
                                                                                              SHA-512:6A9B850CAAF7AEBE577DB21ED2EDA271D78C10CD53C3A740B73E76DA0E62B0401D8E929AF34EA8981582257DAFF98D2F5A71126331DC88287359191233488CC7
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):33
                                                                                              Entropy (8bit):3.5394429593752084
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                              MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                              SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                              SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                              SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                              Malicious:false
                                                                                              Preview:...m.................DB_VERSION.1

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):307
                                                                                              Entropy (8bit):5.249454383702429
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PSF1923oH+Tcwtp3hBtB2KLllzFF+q2P923oH+Tcwtp3hBWsIFUv:PSYYebp3dFLnzFF+v4Yebp3eFUv
                                                                                              MD5:CB1C97C28BCCCD972012700835A28E59
                                                                                              SHA1:538862B5704A4A1054E3C862A5E7DD1EE5595DE4
                                                                                              SHA-256:0A47D64087642E97D6B1BAC38D276225F409D318C4B9ED4E50B7BC8F9400A0E5
                                                                                              SHA-512:42F935177860BB685AD93EB7AC89AADE2868E0722E8D945ABE8F8DB196C854643B1333627C2580DE7D831F8923337DAB8FED2C2F8653A8AC5045A4A7A44F0ECD
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:15.051 8ec Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/09/05-08:31:16.057 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:OpenPGP Secret Key
                                                                                              Category:dropped
                                                                                              Size (bytes):41
                                                                                              Entropy (8bit):4.704993772857998
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                              Malicious:false
                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:modified
                                                                                              Size (bytes):2163821
                                                                                              Entropy (8bit):5.22287239647105
                                                                                              Encrypted:false
                                                                                              SSDEEP:24576:v+/PN8FtfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:v+/PN8Hfx2mjF
                                                                                              MD5:580F5CA79AA38C3EBF55B6A65DA7A203
                                                                                              SHA1:EF586D535F193B5C4C0BB144B6554810D37D3CEB
                                                                                              SHA-256:DD31DC0D33C0470EFB23008BDC4EE87471820F6AE2F18F8D36E9D0D96F4D3C21
                                                                                              SHA-512:8ACA862E8CF71568DFCDD914DB395451BC506AE7D4CC039C6312DC959361A508FD48BECCFB4C3D4CD6D271ED705C1E8542C4193514FDA80417EB5A13AEA69844
                                                                                              Malicious:false
                                                                                              Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):336
                                                                                              Entropy (8bit):5.128123195453157
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P4Vq2P923oH+Tcwt9Eh1tIFUt82i6gZmw+2YLIkwO923oH+Tcwt9Eh15LJ:P4Vv4Yeb9Eh16FUt82Ng/+2gI5LYeb9O
                                                                                              MD5:BAC8DE49F14CCDCEBA7D78C65472B832
                                                                                              SHA1:BC10543C508AFDA76D90AB83F422CFBAE67F22FA
                                                                                              SHA-256:84D08CC17EB556683C5FE48E49AC9545652B89698E81B41EA0BD9CCB0C6BE1F6
                                                                                              SHA-512:D08708BD0F0E2BBB0B0123A20FBB09B87172AD44AEB009CEAF5A39CB94D288254E1C5B941D93BCDD72C1C1624941F8EE9B3BE7A3D9194EBFEFCC993538274846
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:14.888 2084 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/09/05-08:31:14.896 2084 Recovering log #3.2024/09/05-08:31:14.901 2084 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):336
                                                                                              Entropy (8bit):5.128123195453157
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P4Vq2P923oH+Tcwt9Eh1tIFUt82i6gZmw+2YLIkwO923oH+Tcwt9Eh15LJ:P4Vv4Yeb9Eh16FUt82Ng/+2gI5LYeb9O
                                                                                              MD5:BAC8DE49F14CCDCEBA7D78C65472B832
                                                                                              SHA1:BC10543C508AFDA76D90AB83F422CFBAE67F22FA
                                                                                              SHA-256:84D08CC17EB556683C5FE48E49AC9545652B89698E81B41EA0BD9CCB0C6BE1F6
                                                                                              SHA-512:D08708BD0F0E2BBB0B0123A20FBB09B87172AD44AEB009CEAF5A39CB94D288254E1C5B941D93BCDD72C1C1624941F8EE9B3BE7A3D9194EBFEFCC993538274846
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:14.888 2084 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/09/05-08:31:14.896 2084 Recovering log #3.2024/09/05-08:31:14.901 2084 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                              Category:dropped
                                                                                              Size (bytes):28672
                                                                                              Entropy (8bit):0.4656605101597933
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBc:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                              MD5:9B1280B0513205A8B30992E6C8DED70C
                                                                                              SHA1:F6EFA362A779271B35B7AA79110B3E87DE77A772
                                                                                              SHA-256:EBCE41C24C663AD08A872B5489085FD9D8E28D2C70A9E98D2732C8AD9D05A2E3
                                                                                              SHA-512:16D0B98254C4239FB4F980B917E5165B412FC7A896393BB2B0C8D7B21FBF3A48FE54776DD524D7512EBF9C0A9209D78126C47D9080D1D8CBC96CB8E3E7E23B27
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                              Category:dropped
                                                                                              Size (bytes):10240
                                                                                              Entropy (8bit):0.8708334089814068
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                              MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                              SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                              SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                              SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):636554
                                                                                              Entropy (8bit):6.0127694795093625
                                                                                              Encrypted:false
                                                                                              SSDEEP:12288:BhjHVMIvgjD8xIXualvzHR7iaQKR+8JbtlmkdBC1esJxrVcQNaiBa:Bhq+kaIXnQs+Qb3mkGbJo5
                                                                                              MD5:CDE9ABB05D9CF09C0DA933480FEC3B64
                                                                                              SHA1:D28F62243CA290594B0EB556FE0831AA6FCC6C8A
                                                                                              SHA-256:036961C14225D6DD3397D4EA5B38D010A7F0EE778CFDBEFE9437F37DDE78E39F
                                                                                              SHA-512:FFD65D76C5DF99F63EDE9695B15CE7D3AD175FB87AD8C708DDBBF5E3747379CBCA0F30C5146E7EE1A86037DB96A63F36AAAD5606D6D95BF45022E3024BF2F018
                                                                                              Malicious:false
                                                                                              Preview:...m.................DB_VERSION.1.!Z2.................BLOOM_FILTER:..&{"numberOfHashFunctions":8,"shiftBase":8,"bloomFilterArraySize":3767945,"primeBases":[5381,5381,5381,5381],"supportedDomains":"+o3+RncW1oGSCAJdFuTFqUW6YaGaAbCC0mXuZLc6TAdWf+a3VWHilOI7HUSutZN7jjBKd4Xi34zSVDgDggvk4iE7SFOUe0to/ca2Z9NKMxb3353s+Xz5MJEyQlwFGH9Q4NPsSG7/Mg0OzIizAAoQKAb68INGxcqMD8b8cjATmbZA8J3gaDgCBh+FwkLSt7ItZOvFiz1UWGdFoGeWLVoid0mXBF1tVxiUsnfZrTOYUq+ybxegQgLR7oDn/09U0naczNrckPPeVov9TOq080La20glc39nrbTQ161ERvbKrN6QBMsgiTOHVfZfSTGNbPb7sPb+5dDTy5Pj4SDC6TCZj8jX3zHAoaELBAojh3rXGAdRcmlzljl/F2zoyuFBIUzr1kW7W1ersVw2uiPbjdETQ6f6PzQr5AIUQSnGkCAK4eY8TDM6HLdxH8VjohD4l8UWF3Y9XOks322TYQmhq7J/I5qw0+ibgaYj2D0vvNSxCuIJMAcBjJAiV3jSfyJZCI7hs3VWZSRjobGr+J4EqQa3vtIovMi1uA9KKefV9pM81NjK5N2TORH5BQe9Np+dJNRjevW/vXAW4n+oqu76r1jaC4FKAy9+Xb5xIFPlpZDNzVhz/6/ct6Hct8kU9B96g6Gv3o9/8jKq///viYVNKvcp+tGhn40YSm6uaOjATydJjaZqudEoej2VEh/hMKMwBMZNV2DvJuxJfXP9Vxyc06+ZH2XLctB6KM125+jdQ7UtY9dujxJcJ6P5ONGgAQohAe9Jqk8wYOnC5u/cDvlnwhGVt8QSnkPqM+ce4mL

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):142
                                                                                              Entropy (8bit):5.04319433803243
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:lxl9l/38E28xp4m3rscUSXQTfjiQX/Nlf+nETPxpK2x7L8KFunLutCF:Z9t38D8xSEsIXGR/v+n0PxEWHFeStO
                                                                                              MD5:DD3032B7206D0F39CC44A96744FC366C
                                                                                              SHA1:C0543FC24ADEF78640D1B5024224019BC070E208
                                                                                              SHA-256:A042A3F6746CDBFC5CDB0CE38FE120ADE218AD10E0AEA6F0895040DB3E2C663E
                                                                                              SHA-512:34AC311592DFC7AE2C2FDA844010C47E91EE1BF83908C08C0B0043491F07F4E76F8B8A06C7F005CEC07F2F838B72FA9D8349D91DB818AB18262840F3024C5F88
                                                                                              Malicious:false
                                                                                              Preview:Q...9................BLOOM_FILTER_EXPIRY_TIME:.1725625874.496872.I]NG................BLOOM_FILTER_LAST_MODIFIED:.Thu, 05 Sep 2024 12:08:14 GMT

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):636529
                                                                                              Entropy (8bit):6.012178686683981
                                                                                              Encrypted:false
                                                                                              SSDEEP:12288:vhEHVMavgBg8bIXuHlvzHM7iawKRt8AbtA0kdBO1esJxLVcWGaiQX:vh7cNaIXxwstXb+0kKbJ1l
                                                                                              MD5:D06FF4898FA4B70F70844C78C74E85F1
                                                                                              SHA1:343AACAE98E528494912A7795CFDA3320598B8B9
                                                                                              SHA-256:7075C56053C9821ACF183DBB7CF38F0EB58DED5773450E7FC5D015DAF9885A11
                                                                                              SHA-512:ADD667D77284908B8DE405827BA3BFA0D56A8E19DEC93D4E3B5CB6731001D86AA65899CEC389DDC0D50D40A95DFBFEF10838C3BB3E565330EE72F7E5C43A1AC1
                                                                                              Malicious:false
                                                                                              Preview:....&BLOOM_FILTER:........{"numberOfHashFunctions":8,"shiftBase":8,"bloomFilterArraySize":3767945,"primeBases":[5381,5381,5381,5381],"supportedDomains":"+o3+RncW1oGSCAJdFuTFqUW6YaGaAbCC0mXuZLc6TAdWf+a3VWHilOI7HUSutZN7jjBKd4Xi34zSVDgDggvk4iE7SFOUe0to/ca2Z9NKMxb3353s+Xz5MJEyQlwFGH9Q4NPsSG7/Mg0OzIizAAoQKAb68INGxcqMD8b8cjATmbZA8J3gaDgCBh+FwkLSt7ItZOvFiz1UWGdFoGeWLVoid0mXBF1tVxiUsnfZrTOYUq+ybxegQgLR7oDn/09U0naczNrckPPeVov9TOq080La20glc39nrbTQ161ERvbKrN6QBMsgiTOHVfZfSTGNbPb7sPb+5dDTy5Pj4SDC6TCZj8jX3zHAoaELBAojh3rXGAdRcmlzljl/F2zoyuFBIUzr1kW7W1ersVw2uiPbjdETQ6f6PzQr5AIUQSnGkCAK4eY8TDM6HLdxH8VjohD4l8UWF3Y9XOks322TYQmhq7J/I5qw0+ibgaYj2D0vvNSxCuIJMAcBjJAiV3jSfyJZCI7hs3VWZSRjobGr+J4EqQa3vtIovMi1uA9KKefV9pM81NjK5N2TORH5BQe9Np+dJNRjevW/vXAW4n+oqu76r1jaC4FKAy9+Xb5xIFPlpZDNzVhz/6/ct6Hct8kU9B96g6Gv3o9/8jKq///viYVNKvcp+tGhn40YSm6uaOjATydJjaZqudEoej2VEh/hMKMwBMZNV2DvJuxJfXP9Vxyc06+ZH2XLctB6KM125+jdQ7UtY9dujxJcJ6P5ONGgAQohAe9Jqk8wYOnC5u/cDvlnwhGVt8QSnkPqM+ce4mLoqavVr1W6M2pkmSIpauEh0cez8hN+5N/u78l15yvzNT5

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):506
                                                                                              Entropy (8bit):5.253199308073653
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PIOM+v4Yebn9GFUt82IMq/+2IM1MV5LYebn95Z9lxxf0n6cxfr1K25h:t4Yeb9ig8wLYeb9zpmPZHh
                                                                                              MD5:AF61CD74C152E410568FE2A33AEAF2B9
                                                                                              SHA1:41DC0C8FA529D051E8CBFD1D1F1528EE24ACD421
                                                                                              SHA-256:C6153CBA5A7BABB5A6F3F72A4520F006AAF55BA234F335A2D04890EB48A349F7
                                                                                              SHA-512:AE3CAA028AA3C6C88932121772EBDFFE8891DA78B30FA49D8DDFCFA963C6500CB02F60BB1873013BDA8BEFD21D3297512DADE9DE33B415C8DE891CE569316CD2
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.537 8fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/09/05-08:31:08.539 8fc Recovering log #3.2024/09/05-08:31:08.539 8fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/09/05-08:31:14.523 8fc Level-0 table #5: started.2024/09/05-08:31:14.558 8fc Level-0 table #5: 636529 bytes OK.2024/09/05-08:31:14.560 8fc Delete type=0 #3.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):506
                                                                                              Entropy (8bit):5.253199308073653
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PIOM+v4Yebn9GFUt82IMq/+2IM1MV5LYebn95Z9lxxf0n6cxfr1K25h:t4Yeb9ig8wLYeb9zpmPZHh
                                                                                              MD5:AF61CD74C152E410568FE2A33AEAF2B9
                                                                                              SHA1:41DC0C8FA529D051E8CBFD1D1F1528EE24ACD421
                                                                                              SHA-256:C6153CBA5A7BABB5A6F3F72A4520F006AAF55BA234F335A2D04890EB48A349F7
                                                                                              SHA-512:AE3CAA028AA3C6C88932121772EBDFFE8891DA78B30FA49D8DDFCFA963C6500CB02F60BB1873013BDA8BEFD21D3297512DADE9DE33B415C8DE891CE569316CD2
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.537 8fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/09/05-08:31:08.539 8fc Recovering log #3.2024/09/05-08:31:08.539 8fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/09/05-08:31:14.523 8fc Level-0 table #5: started.2024/09/05-08:31:14.558 8fc Level-0 table #5: 636529 bytes OK.2024/09/05-08:31:14.560 8fc Delete type=0 #3.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:OpenPGP Secret Key
                                                                                              Category:dropped
                                                                                              Size (bytes):103
                                                                                              Entropy (8bit):5.287315490441997
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:scoBAIxQRDKIVjGtCSluhFhinvsD8xFxN3erkEtl:scoBY7j6CSluGvlxFDkHl
                                                                                              MD5:BBF990808A624C34FC58008F69BE5414
                                                                                              SHA1:8E91249954C47ED58AFAA34373006A9A907A8B87
                                                                                              SHA-256:2E9DF06E07493794BAE755C1954FDC37401D757916EBFBAA7F0EE64A8FD16E9E
                                                                                              SHA-512:9F6863BCEE0782B211E95986AEDB74E0563A24D7FE448A7CA56EC94CD489A5BE0999757C25CB75DB6789759DCB81C20236EFB96945165E15E3D139CA4836B844
                                                                                              Malicious:false
                                                                                              Preview:.|.."....leveldb.BytewiseComparator..........7...............&.BLOOM_FILTER:.........DB_VERSION........

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):0.6139026887018851
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:TLapR+DDNzWjJ0npnyXKUO8+jZXzpT9mL:TO8D4jJ/6Up+dd6
                                                                                              MD5:905B6CA4C5561246E11D118CDDF9699F
                                                                                              SHA1:A1456416E0FA390E265BEF8746B115366A425F88
                                                                                              SHA-256:5F83EC38A423DB117435DD5DBA577B448D9085C595ED3E81C8D08BD505BA1406
                                                                                              SHA-512:27B86A51F30DEDE69E30752C10709BE4B386448E95CB5AB9FAB6F9F6A448EEABBD283304FD78922BE8D5A1CCD50872F03FBA19007EC3117664349FA5EC4A2398
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):375520
                                                                                              Entropy (8bit):5.354116344442646
                                                                                              Encrypted:false
                                                                                              SSDEEP:6144:RA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:RFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                              MD5:F8D481225991CD8E95A9CEF38BB86C1D
                                                                                              SHA1:4B10656E12121B0B0631262C14EAEE0E84EB10BA
                                                                                              SHA-256:A1299B50E01010F75DE99DE9857BB01002323FA9515A43AC11845B0AF7AB6132
                                                                                              SHA-512:6E6413F09F62C56F3B5E7B0715BE5B9A43359F7D55362C1BF973CA763D8283094B80DDAAAF41C0C769D51844EB23C27C4A7C84F0B9CA7004D43A0E2C14FA28EA
                                                                                              Malicious:false
                                                                                              Preview:...m.................DB_VERSION.1..pq...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13370013076258026..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):311
                                                                                              Entropy (8bit):5.171147438065468
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PYdq1923oH+Tcwtk2WwnvB2KLllWf3+q2P923oH+Tcwtk2WwnvIFUv:P2fYebkxwnvFLnWOv4YebkxwnQFUv
                                                                                              MD5:9FAB336922B779E3A5A050A6046E09B6
                                                                                              SHA1:A4EE5EEB19D8D5D40EF2705DEC912FEFFD291569
                                                                                              SHA-256:0425056253E50F9DBE21CB5CE9964C7AB1CD57B962BCAC0FB7BA6440072BDBE0
                                                                                              SHA-512:BA90102C8BF091829B15FE799D4AD99D0CA7CE9CC5C064E438C72FF90D43546E9D17120EAD4663BABED1C7CABDB232216F75DB90E0AC34D96718B511DE789C57
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:14.921 2288 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/09/05-08:31:15.019 2288 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:OpenPGP Secret Key
                                                                                              Category:dropped
                                                                                              Size (bytes):41
                                                                                              Entropy (8bit):4.704993772857998
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                              Malicious:false
                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:modified
                                                                                              Size (bytes):358860
                                                                                              Entropy (8bit):5.324616621285344
                                                                                              Encrypted:false
                                                                                              SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6Rr:C1gAg1zfvz
                                                                                              MD5:53AF014B96879DC4D96C5B70EF21AF9B
                                                                                              SHA1:ACDCF82F281AB2F990A0BF811C9FE2D8742AAE0B
                                                                                              SHA-256:B8B6437A0C8410B2072FA0899279066A47B033F56DB38ED483D22254AF20AB1D
                                                                                              SHA-512:6024BD3926DBA1619A5A0D4ADFD916B4083FD7397162A55324481A08BBD7D0B93F17337D7464D6F5A192800B10027FCE5E88914B44C68C535B7136D8DDF8F99D
                                                                                              Malicious:false
                                                                                              Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):418
                                                                                              Entropy (8bit):1.8784775129881184
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                              MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                              SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                              SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                              SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                              Malicious:false
                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):321
                                                                                              Entropy (8bit):5.21100041441303
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIz6Iq2P923oH+Tcwt8aPrqIFUt82IVRXZmw+2I56zkwO923oH+Tcwt8amLJ:PIz6Iv4YebL3FUt82I7X/+2Ik5LYebQJ
                                                                                              MD5:9EA0F79AC26AD77954C75976D220216E
                                                                                              SHA1:A027F92898B5621B15B208F619ABDC2207A2D6DE
                                                                                              SHA-256:1B7DCB68CAAD7811F9A27EC47F0FF4D4775590844372FC43F01EB016B6E77313
                                                                                              SHA-512:CC3F524592F5B290269FB322B98552920D83AA65035910AD2B0448B389A85EA3B14CCC41CC7718C1C78B414A7605ADF416A3DB1C760A9825BCF555D0A26464AD
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.572 764 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/09/05-08:31:08.577 764 Recovering log #3.2024/09/05-08:31:08.578 764 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):321
                                                                                              Entropy (8bit):5.21100041441303
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIz6Iq2P923oH+Tcwt8aPrqIFUt82IVRXZmw+2I56zkwO923oH+Tcwt8amLJ:PIz6Iv4YebL3FUt82I7X/+2Ik5LYebQJ
                                                                                              MD5:9EA0F79AC26AD77954C75976D220216E
                                                                                              SHA1:A027F92898B5621B15B208F619ABDC2207A2D6DE
                                                                                              SHA-256:1B7DCB68CAAD7811F9A27EC47F0FF4D4775590844372FC43F01EB016B6E77313
                                                                                              SHA-512:CC3F524592F5B290269FB322B98552920D83AA65035910AD2B0448B389A85EA3B14CCC41CC7718C1C78B414A7605ADF416A3DB1C760A9825BCF555D0A26464AD
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.572 764 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/09/05-08:31:08.577 764 Recovering log #3.2024/09/05-08:31:08.578 764 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):418
                                                                                              Entropy (8bit):1.8784775129881184
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                              MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                              SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                              SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                              SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                              Malicious:false
                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):325
                                                                                              Entropy (8bit):5.224120835752295
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIUrTMq2P923oH+Tcwt865IFUt82In9Zmw+2I7FUFzkwO923oH+Tcwt86+ULJ:PIUrTMv4Yeb/WFUt82I9/+2I7F45LYev
                                                                                              MD5:F35AED7B537AEEB7117F589928F0539C
                                                                                              SHA1:CEBEA877507785565E39D7DCCB0E6228C65373EF
                                                                                              SHA-256:650AB303E06E4A4D67BC8C1C209C4C1E6CC78D0485FF7C2D87FEDD1CAD1F4B9D
                                                                                              SHA-512:7B733E18639959649E4892E0CE086031D7F4391C18AE7A8FF73F8774A4E2F8F4A4341B1EF3BD4DCCA09A5A4CACD9BF770A56F4A95CE5D63FD3CAF13D92D064EE
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.589 764 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/09/05-08:31:08.593 764 Recovering log #3.2024/09/05-08:31:08.594 764 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):325
                                                                                              Entropy (8bit):5.224120835752295
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIUrTMq2P923oH+Tcwt865IFUt82In9Zmw+2I7FUFzkwO923oH+Tcwt86+ULJ:PIUrTMv4Yeb/WFUt82I9/+2I7F45LYev
                                                                                              MD5:F35AED7B537AEEB7117F589928F0539C
                                                                                              SHA1:CEBEA877507785565E39D7DCCB0E6228C65373EF
                                                                                              SHA-256:650AB303E06E4A4D67BC8C1C209C4C1E6CC78D0485FF7C2D87FEDD1CAD1F4B9D
                                                                                              SHA-512:7B733E18639959649E4892E0CE086031D7F4391C18AE7A8FF73F8774A4E2F8F4A4341B1EF3BD4DCCA09A5A4CACD9BF770A56F4A95CE5D63FD3CAF13D92D064EE
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.589 764 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/09/05-08:31:08.593 764 Recovering log #3.2024/09/05-08:31:08.594 764 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):1254
                                                                                              Entropy (8bit):1.8784775129881184
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                              MD5:826B4C0003ABB7604485322423C5212A
                                                                                              SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                              SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                              SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                              Malicious:false
                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):324
                                                                                              Entropy (8bit):5.129880260794248
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P3eN4q2P923oH+Tcwt8NIFUt82fJZmw+2fDkwO923oH+Tcwt8+eLJ:P384v4YebpFUt82fJ/+2fD5LYebqJ
                                                                                              MD5:8477089B9B85A8B60170676DD84594C4
                                                                                              SHA1:04EB9D309CD191647A0EA6AD285A15C44811EA3C
                                                                                              SHA-256:3F405A5D2124D0D06DF20E8CEA4E05C81487B52AD4C7532A23A97BF4B3EFBE7A
                                                                                              SHA-512:467A4E6757CACD154775DEEC3F0C70C64B29202E51024440BD3873174E82741E079D3804B8DA499C482CF88AE2A3275A7F45AC2CC12E963B3AFBA88423BA65AF
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.324 11f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/09/05-08:31:09.325 11f0 Recovering log #3.2024/09/05-08:31:09.325 11f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):324
                                                                                              Entropy (8bit):5.129880260794248
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P3eN4q2P923oH+Tcwt8NIFUt82fJZmw+2fDkwO923oH+Tcwt8+eLJ:P384v4YebpFUt82fJ/+2fD5LYebqJ
                                                                                              MD5:8477089B9B85A8B60170676DD84594C4
                                                                                              SHA1:04EB9D309CD191647A0EA6AD285A15C44811EA3C
                                                                                              SHA-256:3F405A5D2124D0D06DF20E8CEA4E05C81487B52AD4C7532A23A97BF4B3EFBE7A
                                                                                              SHA-512:467A4E6757CACD154775DEEC3F0C70C64B29202E51024440BD3873174E82741E079D3804B8DA499C482CF88AE2A3275A7F45AC2CC12E963B3AFBA88423BA65AF
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.324 11f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/09/05-08:31:09.325 11f0 Recovering log #3.2024/09/05-08:31:09.325 11f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):429
                                                                                              Entropy (8bit):5.809210454117189
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                              MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                              SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                              SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                              SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                              Malicious:false
                                                                                              Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):2.447678240781599
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:0BCyvkDnxUelS9nsH4/AztcOuuoKwxDuQ:mNvkDnx8sHXzCOPo1xDuQ
                                                                                              MD5:22BBBA4C7A6DAF0E77BD392C580E2DA4
                                                                                              SHA1:B52B2ACB8AAAE03B4C4B5DC124866996B91091D3
                                                                                              SHA-256:024E467DFFB2B27320C3965CD3712976B80EECDC1BDB03EE48D0468738863368
                                                                                              SHA-512:D34DABB69C2ADCA1209FC65E6E66B20010968754A4625DB32BDB0F0D2B5FF4059603842D8B6D0995CF5E055490F113EAE2A61770465B77ECDEE60A6096600462
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                              Category:dropped
                                                                                              Size (bytes):155648
                                                                                              Entropy (8bit):0.6777241172227598
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:ADj/sqhH+bDo3iN0Z2TVJkXBBE3ybLD3j:gDxhIU3iGAIBBE3qnz
                                                                                              MD5:42178F78E19A7B679369EFBC65D4DB91
                                                                                              SHA1:9E3E776EE018214605A35FFED1BEEE44EFC1E875
                                                                                              SHA-256:C72DEB471ED47CB04B077BB1AB26DF6EB20891FD68D04EACCBDE3A02F990484C
                                                                                              SHA-512:030E88A1B31E9908EB938B8C18C96147BE869BF35A04031FB0AA0809EFE2A208501B15AABD8B5091BEAB1440A7ACB2D8AD2766EA43E6A5035D80FF01A64D7A39
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):8720
                                                                                              Entropy (8bit):0.2191763562065486
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:Wl/ntFlljq7A/mhWJFuQ3yy7IOWUmL94/dweytllrE9SFcTp4AGbNCV9RUIJ:WO75fO4L+/d0Xi99pEY3
                                                                                              MD5:1BD234C39A870020C3C64FEBBE3FA9AF
                                                                                              SHA1:41DD4931F1329B241066A624ECF8EE977AB1DCA4
                                                                                              SHA-256:8C921A433146C5B783F71FC72E4FBBFC42D4EF11631335B5DED2EBB126C8F885
                                                                                              SHA-512:8F30C4A8660A4A3189EFD4F55C4722EF2A49C7E9845496182F9D11123CD59FBA8844B23B01E7A4E2317C7AA380830EB4CD9EB13BCD984A02F7EFED6B227D990E
                                                                                              Malicious:false
                                                                                              Preview:.............~.....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):115717
                                                                                              Entropy (8bit):5.183660917461099
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                              Malicious:false
                                                                                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                              Category:dropped
                                                                                              Size (bytes):45056
                                                                                              Entropy (8bit):3.918460570504517
                                                                                              Encrypted:false
                                                                                              SSDEEP:384:jj9P04EQkQer0cVP/Kbtpjlfhw773pL8gam6ISRKToaAu:jdUe23VP/IlfO7BCRKcC
                                                                                              MD5:28F95A5CD74678121F5DED17BD155E5F
                                                                                              SHA1:5A8E4B497B0DB82D1BCBE1FC4B7716F7159C256D
                                                                                              SHA-256:E2BA07351F7A9E65AF2EF996222880FAB41FA555CCB38C865C306C5E07D78237
                                                                                              SHA-512:3A00634F97939E0899DB817F9AD165F0C0F1BEBE36250D80BE5332CAA6FF9144161A9F509E7EFC942F3F0D99A76D23DB9F7E16EFBA556E7656B4EBC2434DFD42
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):408
                                                                                              Entropy (8bit):5.254837120713222
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PKqN4v4Yeb8rcHEZrELFUt82WlJ/+2mID5LYeb8rcHEZrEZSJ:iIK4Yeb8nZrExg8NfVLYeb8nZrEZe
                                                                                              MD5:4D10353B1E58210266ABFBE9E8A4B4A5
                                                                                              SHA1:26ADAA2B8B3129C9A36E2D6D6119A758B1774045
                                                                                              SHA-256:95B16745D45EE73A573E66E6B8E55C2914C480EA8895D8EAF264F322C6174592
                                                                                              SHA-512:119100448E68087D8D15C9BF6449945902C70A67880F9EBFD82AD08B4C1FE9A3AA5F110A4F9A5F444FFD6BAB6049A460F43B7ED3832D631E4132F5CAB1E797DB
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:12.324 1820 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/09/05-08:31:12.325 1820 Recovering log #3.2024/09/05-08:31:12.328 1820 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):408
                                                                                              Entropy (8bit):5.254837120713222
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PKqN4v4Yeb8rcHEZrELFUt82WlJ/+2mID5LYeb8rcHEZrEZSJ:iIK4Yeb8nZrExg8NfVLYeb8nZrEZe
                                                                                              MD5:4D10353B1E58210266ABFBE9E8A4B4A5
                                                                                              SHA1:26ADAA2B8B3129C9A36E2D6D6119A758B1774045
                                                                                              SHA-256:95B16745D45EE73A573E66E6B8E55C2914C480EA8895D8EAF264F322C6174592
                                                                                              SHA-512:119100448E68087D8D15C9BF6449945902C70A67880F9EBFD82AD08B4C1FE9A3AA5F110A4F9A5F444FFD6BAB6049A460F43B7ED3832D631E4132F5CAB1E797DB
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:12.324 1820 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/09/05-08:31:12.325 1820 Recovering log #3.2024/09/05-08:31:12.328 1820 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):336
                                                                                              Entropy (8bit):5.1471232226051615
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PvMKjIq2P923oH+Tcwt8a2jMGIFUt82vPZmw+2vudPkwO923oH+Tcwt8a2jMmLJ:PljIv4Yeb8EFUt823/+2mdP5LYeb8bJ
                                                                                              MD5:EF890E133D817D14F7B10FC3D437C911
                                                                                              SHA1:E324B871CEA417BD0BB946E743B3425E17720F20
                                                                                              SHA-256:1226993A9864B56C153CB46A1629DB5650AC10819B6E03AE8D3FBBD5C56A1411
                                                                                              SHA-512:F57166FEB532A88489A0C734677F838824B83EA70C6D5046DD12676BDA4A309FAAC7E8D1B0C53CFED074FDC1DDA8B76D3009F21C45CED1DB06A9FEDA5AFA844C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.082 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/09/05-08:31:09.086 1c84 Recovering log #3.2024/09/05-08:31:09.089 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):336
                                                                                              Entropy (8bit):5.1471232226051615
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PvMKjIq2P923oH+Tcwt8a2jMGIFUt82vPZmw+2vudPkwO923oH+Tcwt8a2jMmLJ:PljIv4Yeb8EFUt823/+2mdP5LYeb8bJ
                                                                                              MD5:EF890E133D817D14F7B10FC3D437C911
                                                                                              SHA1:E324B871CEA417BD0BB946E743B3425E17720F20
                                                                                              SHA-256:1226993A9864B56C153CB46A1629DB5650AC10819B6E03AE8D3FBBD5C56A1411
                                                                                              SHA-512:F57166FEB532A88489A0C734677F838824B83EA70C6D5046DD12676BDA4A309FAAC7E8D1B0C53CFED074FDC1DDA8B76D3009F21C45CED1DB06A9FEDA5AFA844C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.082 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/09/05-08:31:09.086 1c84 Recovering log #3.2024/09/05-08:31:09.089 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\MediaDeviceSalts

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 6, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                              Category:dropped
                                                                                              Size (bytes):24576
                                                                                              Entropy (8bit):0.4041580736168485
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:TLiCwbvwsw9VwLwcORslcDw3wJ6UwccI5fB5IRSjdp:TxKX0wxORAmA/U1cEB5IRSjdp
                                                                                              MD5:DF81109806211C4820F31345299454C4
                                                                                              SHA1:580945A7C6921DE4B257199FD4B1CCF7739730DD
                                                                                              SHA-256:33B489BA05246F625B44BC47FCF8FDABCC886167EC0B951E81E8B499FF4845C1
                                                                                              SHA-512:2C54E6BA966F62E05A8ECD6C6FD6A3B59F7B1C087FF2662FA4FCFD222D1B766F20F74A2DAC26521B9EDA1580966AB7BD134CD4BCA433851AA508A793111D28F8
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...p."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\14f51c3d-8b0b-4803-b3fa-d58e55ebcdd4.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2949
                                                                                              Entropy (8bit):5.313953535953025
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YcgCzsjtslAffcKsegsPCileeEsiacsV4akEs8+Hp/qs7+HisV+HMCbxo+:FsBfdnVke+aB4akY4pd4D4hVo+
                                                                                              MD5:A98C19A187F6872F40CF740D0AE123A9
                                                                                              SHA1:CC32C991D28F44A9839E422CA987087ACE8EB382
                                                                                              SHA-256:EE5154861644D97A634C8F54D770E0CF3AEBD210E453689EF641C75BC68846C0
                                                                                              SHA-512:0C635D584BABF42C64486154287D05F9B773D3D3E6FD67D2E049781EB5F509BACB5B80E845C2E9A308544B9304A01AB26163D5B681CA610A8571C1988D60A7B4
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605070894581","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073479700","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13372605073618754","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://fonts.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"133701066

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\450d4fc0-69dc-4fff-8635-8d3994500d83.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\65c04d9f-6c5f-4311-be65-911690178863.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):188
                                                                                              Entropy (8bit):5.293313369187512
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWRAWNjZS5L0PI0omRSSXmQh3wYHGKB8HQXwlm9yJUA6XcIR6RX77XMqZtjLobSQ:YWyWNgJ0Bv31dB8wXwlmUUAnIMp5neSQ
                                                                                              MD5:F24D2BFEE060CF9F99DEFFBF255DCEBB
                                                                                              SHA1:32EDF6CC8D451CBF2482AE377AFF2A4D2CCE6BAC
                                                                                              SHA-256:4AB8CF73B246BC367A9245A88BE465335EEC56BD28015C9275C414E29A3AAD44
                                                                                              SHA-512:C661AD73D2BC2F56FF2C212E47370645C1EC56FF592050E23FF9098ECB28820D909B5333CA6224B814AB000EDDB0A8809E20C514180ED3F55F6BE8A148D92BD7
                                                                                              Malicious:false
                                                                                              Preview:{"sts":[{"expiry":1757075539.283709,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1725539539.283713}],"version":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\77c1d812-c358-4781-a098-6dae93accbee.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7d217164-fcb2-4fcc-952d-ff338187d180.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):188
                                                                                              Entropy (8bit):5.279781598971112
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWRAWNjZSmGO5Y8PI0omRSSXmQh3wYHGKB8HQXwlm9yJUA6XcIR6RX77XMqZr615:YWyWNgalBv31dB8wXwlmUUAnIMp5BuN/
                                                                                              MD5:54BE2FDD1B08EA2815032864CAAB1C62
                                                                                              SHA1:1E309100B6F6CC55663A17B2CC6C0E0AD4107AFD
                                                                                              SHA-256:8B8962E2C13A0BC3CE455C8282D56088DC246E50E964CD25A0C084E6455CC477
                                                                                              SHA-512:2777AA468840F77B15DEB93F853EBC8771F8393CCDF6C0B0D3ECBAEF507108F473956651EC3EB88843511CAB61760A09DC011EE2318D01C4539FF3266B2C0847
                                                                                              Malicious:false
                                                                                              Preview:{"sts":[{"expiry":1757075479.237312,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1725539479.237317}],"version":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 9
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):1.0841777858295671
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:T2dKLopF+SawLUO1Xj8BzRWsoPsDYL/d5/TPOFyPr:ige+Au+/Txr
                                                                                              MD5:1E6205C80219CCDF49DC38F9279152C9
                                                                                              SHA1:8BA8D6CE7197417BD3403DD75B430E3E381B8FC6
                                                                                              SHA-256:D893FC652CEE69D22BAA6D539369097E67697302ADAC7A93EEB3619928CCB71B
                                                                                              SHA-512:3E794F632B4BAA1D022DECA34A76865181087A60AC028629D63CD61E1CF28EEABA849320B390739590018581DEF54D95DB61C2D9F1AABA27AEECF3D049CB328C
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1419
                                                                                              Entropy (8bit):5.336394944460292
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                              MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                              SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                              SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                              SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF44bda.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1419
                                                                                              Entropy (8bit):5.336394944460292
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                              MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                              SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                              SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                              SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                              Category:dropped
                                                                                              Size (bytes):36864
                                                                                              Entropy (8bit):1.3301529962720653
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:uIEumQv8m1ccnvS6ZDo2dQF2YQ9UZh1hRVkI:uIEumQv8m1ccnvS66282rUZhzd
                                                                                              MD5:247209E7E09121023F0BCA423BAE9F42
                                                                                              SHA1:08839A4471431F082AC24833213647C31F19C10C
                                                                                              SHA-256:01CBC0110DE7B73E5F1F89B46A80A30D43BD17A46824F73B736CE54C07776D6F
                                                                                              SHA-512:2EA91606BB866F04DE2EF2764F239545B36C05D2AEA3E3DA08BFC052AEF674C92C31439FB1F18B2833ACCA85CC4554CC1B7D4907CB35EB94EEB8405B8E6AB306
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF34595.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF36236.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF364b6.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):40
                                                                                              Entropy (8bit):4.1275671571169275
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                              Malicious:false
                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):188
                                                                                              Entropy (8bit):5.279781598971112
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWRAWNjZSmGO5Y8PI0omRSSXmQh3wYHGKB8HQXwlm9yJUA6XcIR6RX77XMqZr615:YWyWNgalBv31dB8wXwlmUUAnIMp5BuN/
                                                                                              MD5:54BE2FDD1B08EA2815032864CAAB1C62
                                                                                              SHA1:1E309100B6F6CC55663A17B2CC6C0E0AD4107AFD
                                                                                              SHA-256:8B8962E2C13A0BC3CE455C8282D56088DC246E50E964CD25A0C084E6455CC477
                                                                                              SHA-512:2777AA468840F77B15DEB93F853EBC8771F8393CCDF6C0B0D3ECBAEF507108F473956651EC3EB88843511CAB61760A09DC011EE2318D01C4539FF3266B2C0847
                                                                                              Malicious:false
                                                                                              Preview:{"sts":[{"expiry":1757075479.237312,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1725539479.237317}],"version":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF46b1a.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):188
                                                                                              Entropy (8bit):5.279781598971112
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWRAWNjZSmGO5Y8PI0omRSSXmQh3wYHGKB8HQXwlm9yJUA6XcIR6RX77XMqZr615:YWyWNgalBv31dB8wXwlmUUAnIMp5BuN/
                                                                                              MD5:54BE2FDD1B08EA2815032864CAAB1C62
                                                                                              SHA1:1E309100B6F6CC55663A17B2CC6C0E0AD4107AFD
                                                                                              SHA-256:8B8962E2C13A0BC3CE455C8282D56088DC246E50E964CD25A0C084E6455CC477
                                                                                              SHA-512:2777AA468840F77B15DEB93F853EBC8771F8393CCDF6C0B0D3ECBAEF507108F473956651EC3EB88843511CAB61760A09DC011EE2318D01C4539FF3266B2C0847
                                                                                              Malicious:false
                                                                                              Preview:{"sts":[{"expiry":1757075479.237312,"host":"8/RrMmQlCD2Gsp14wUCE1P8r7B2C5+yE0+g79IPyRsc=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1725539479.237317}],"version":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ba8bc3a4-eb42-4a35-89fc-96395d696325.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1419
                                                                                              Entropy (8bit):5.336394944460292
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7nbI+:YXs/tsbfc7leeEscgCgakhYhbxo+
                                                                                              MD5:BF6BA1797785A5763A0088569A24FE85
                                                                                              SHA1:62B9D7386B7BDD97B816063ED0D9CC0D912EB130
                                                                                              SHA-256:40C6B39ED9B1E473CBD7027290D7996D15139F0B5BDC4BA6769E8FE8467BBA4E
                                                                                              SHA-512:FE46026F5F2C16522DBA26D256C0831DA94254C432E5C2CC77F864E6D7E0F1D9C66A50726AF91B06D54EC124C21D1C73744CB2D9CC016BD9FE7200823698D729
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e3c0fdc0-c844-4064-b466-04bf84bc3d30.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):40
                                                                                              Entropy (8bit):4.1275671571169275
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                              Malicious:false
                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\fb3b03aa-47f4-4c1a-8ea7-c8e58258159a.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\fc0c8301-c114-45e8-b7c5-3411d6b56eeb.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):0.7391107375212417
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:TLSnAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3isvhldvd0dtdjiG1d6XfN:TLSOUOq0afDdWec9sJAhvlXI7J5fc
                                                                                              MD5:A74BFDCBFB880F469AD54BEF7B1B0C88
                                                                                              SHA1:0012DD82FEB43839A30557EAF9E8DB2EB7259142
                                                                                              SHA-256:63DFF3D10BF10F8F5326776956AF6DE1463CF0A14792C4451D4A76EFA1BF4BA2
                                                                                              SHA-512:203FC220BF05344052340CCC6F77233669C200FDC6596EEE6F5D1E2203328D7D116BF07DE664D1D60EA2CD96F006406A9F0A2035BFAA86C93A103193E6EA4583
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3807c.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3cb5f.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3f6b5.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF440af.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):12523
                                                                                              Entropy (8bit):5.207081000606418
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDigabatSuyIfsyusZihUky3k8wbV+FICQA66WdaFIMYQPUYJ:stuPGKSudsyufhlbGBQx6WdaTY4
                                                                                              MD5:F222AD568EBC91E86C3EF8A9E081CE7B
                                                                                              SHA1:AADA18B134F174260AE7BF8410F232A8E264B077
                                                                                              SHA-256:31F5D4C048E67CC52439D382828A21E3025E82A229FA04AA64CE810644F560F4
                                                                                              SHA-512:FCA194EA4485C51DDC64F8C7C9686814BCAEC924968186F8E06AE574F59BA7394ADF5A53DC6228116878E7F1261EBE90961CAD0D0772AA64631504AF2743FD57
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\000001.dbtmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:modified
                                                                                              Size (bytes):83572
                                                                                              Entropy (8bit):5.664172583366587
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:DL0/Ry7vm2lhq4ljc+PjfOzBu+RMDVogUlcPCcBjjmny8dLA8j7baD7:DL6yLm2fq4pc+rCAogU2CcBjj3YAg7mn
                                                                                              MD5:AAB4E1FDC50C501D29A5FAAA31F78960
                                                                                              SHA1:CF7984390991018EFE2CF45510F73AB38642D4AC
                                                                                              SHA-256:E92ABC11DB6C7AE65DD239B0F30130F96C8444643EF2B05F0CCC629942D4992A
                                                                                              SHA-512:FEA5924977026DF10BCCF80F034EA024E83B82D6B7D88352B9BAF7594739BBEE5FCC5B9396E975DC6C1C46B376736677D064E642E931034CF8807D6BDE202696
                                                                                              Malicious:false
                                                                                              Preview:...m.................DB_VERSION.1...j...............(QUERY_TIMESTAMP:product_category_en1.*.*.13370013079254698..QUERY:product_category_en1.*.*..[{"name":"product_category_en","url":"https://edgeassetservice.azureedge.net/assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories","version":{"major":1,"minor":0,"patch":0},"hash":"r2jWYy3aqoi3+S+aPyOSfXOCPeLSy5AmAjNHvYRv9Hg=","size":82989}]...yg~..............!ASSET_VERSION:product_category_en.1.0.0..ASSET:product_category_en...."..3....Car & Garage..Belts & Hoses.#..+....Sports & Outdoors..Air Pumps.!.."....Car & Garage..Body Styling.4..5./..Gourmet Food & Chocolate..Spices & Seasonings.'..,."..Sports & Outdoors..Sleeping Gear.!..6....Lawn & Garden..Hydroponics.9.a.5..Books & Magazines. Gay & Lesbian Interest Magazines....+....Office Products..Pins.,..3.'..Kitchen & Housewares..Coffee Grinders.$..#....Computing..Enterprise Servers.#..&....Home Furnishings..Footboards.6...2..Books & Magazines..Computer & Internet Magazines.)..

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\CURRENT (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):16
                                                                                              Entropy (8bit):3.2743974703476995
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                              Malicious:false
                                                                                              Preview:MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):309
                                                                                              Entropy (8bit):5.173473581192165
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P7w1923oH+TcwtgctZQInvB2KLllMEq2P923oH+TcwtgctZQInvIFUv:P7tYebgGZznvFLnMEv4YebgGZznQFUv
                                                                                              MD5:2093224B2F7A63B3491C935C06CB67D3
                                                                                              SHA1:DF11EA2B8F0A771879BBC035552691DA02478988
                                                                                              SHA-256:A7C521F4CDAA43C0FF9A8F228B4E92B76E0F748F650E45D2C71BE1788218D646
                                                                                              SHA-512:CE3B3101105FBD04F7C408AD8F7CC6148E4B6C6428FF020D146E5608CB6F8F113BD4D68C9BB05B0E805C0AF1E5491377A059129D20EB5B654DD75590C50A2E59
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:18.431 22e0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparisonAssetStore.db since it was missing..2024/09/05-08:31:18.547 22e0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparisonAssetStore.db/MANIFEST-000001.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\MANIFEST-000001

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:OpenPGP Secret Key
                                                                                              Category:dropped
                                                                                              Size (bytes):41
                                                                                              Entropy (8bit):4.704993772857998
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                              Malicious:false
                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):35272
                                                                                              Entropy (8bit):5.556546860023451
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:X/JfJSWPawfzk8F1+UoAYDCx9Tuqh0VfUC9xbog/OVzxbDkrwTO8p0qKp9tuO:X/JfJSWPawfzku1jaWhD9TO8Lgt9
                                                                                              MD5:1606E14F82AD0BF873B2C3627AEBCC42
                                                                                              SHA1:525B5E42BD4381FDBD4224BFBEC0441C3A80B1C5
                                                                                              SHA-256:96127C7B42D83A18A66EA8AB4BD4CDFEBAEBF6A0842EC4CFB83093E18FFB7871
                                                                                              SHA-512:4B95F1C6942B3B873B76B97FC89A535E8BC5F1E40BFC549A07708C7B67904A85F206415DB33883E86069DE797469FD7295E4B1D12FAAE5AB4BA5807E18ED6643
                                                                                              Malicious:false
                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13370013068441405","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13370013068441405","location":5,"ma

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF387bf.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):35272
                                                                                              Entropy (8bit):5.556546860023451
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:X/JfJSWPawfzk8F1+UoAYDCx9Tuqh0VfUC9xbog/OVzxbDkrwTO8p0qKp9tuO:X/JfJSWPawfzku1jaWhD9TO8Lgt9
                                                                                              MD5:1606E14F82AD0BF873B2C3627AEBCC42
                                                                                              SHA1:525B5E42BD4381FDBD4224BFBEC0441C3A80B1C5
                                                                                              SHA-256:96127C7B42D83A18A66EA8AB4BD4CDFEBAEBF6A0842EC4CFB83093E18FFB7871
                                                                                              SHA-512:4B95F1C6942B3B873B76B97FC89A535E8BC5F1E40BFC549A07708C7B67904A85F206415DB33883E86069DE797469FD7295E4B1D12FAAE5AB4BA5807E18ED6643
                                                                                              Malicious:false
                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13370013068441405","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13370013068441405","location":5,"ma

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):440
                                                                                              Entropy (8bit):4.603175108323626
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:S+a8ljljljljlF/UQ9+Cb4Q3QknGz3A/XkAvkAvkAv:Ra0ZZZZF/UohBhG0Xk8k8k8
                                                                                              MD5:A587BAE5D6E66C089663AA9206E118B0
                                                                                              SHA1:95066C5AAAF98FDEA7801CDA8FAA1DEB987F832D
                                                                                              SHA-256:E5944959659AEC542BBE3986826C89F2ACDAC12B34031551EAC02C93752502A3
                                                                                              SHA-512:5EEEEFB90CE81AC1AB7CDADB7591733262C6E5F60FEB583A717170F481E1209F6850B598D9779D7ECC6DEA7FB51B4101530947B7E09CD9AF6696B2A59E332EB1
                                                                                              Malicious:false
                                                                                              Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f...............8...j................next-map-id.1.Knamespace-61b1678f_ee44_402b_8b36_26622ebc58e8-https://accounts.google.com/.0nh.fk................next-map-id.2.Lnamespace-61b1678f_ee44_402b_8b36_26622ebc58e8-https://accounts.youtube.com/.1. .................. .................. .................. .................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):324
                                                                                              Entropy (8bit):5.107218441150491
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PvLjL+q2P923oH+TcwtrQMxIFUt82vkF0o1Zmw+2xFbLVkwO923oH+TcwtrQMFLJ:PD3+v4YebCFUt82Fo1/+2xFfV5LYebtJ
                                                                                              MD5:25A6E44C0FFB62FB6173ED7DEDDF87A3
                                                                                              SHA1:6CC4E25241CF14EAF97A951A9589BC31C7928D29
                                                                                              SHA-256:877F52BC83448C41D67A5E57ABAF8BEAC6C564B16CDD64D780EF790223CA7B52
                                                                                              SHA-512:12BDF68B5EFBE47B3725A0415DC1E10C1EB8665E8B19C34D7A4495DEB7DBDEAA123FAAE76016AE6BE007754391202D2C767AC6AA46C693095C2D27905D5F426A
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.086 1c9c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/09/05-08:31:09.090 1c9c Recovering log #3.2024/09/05-08:31:09.129 1c9c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):324
                                                                                              Entropy (8bit):5.107218441150491
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PvLjL+q2P923oH+TcwtrQMxIFUt82vkF0o1Zmw+2xFbLVkwO923oH+TcwtrQMFLJ:PD3+v4YebCFUt82Fo1/+2xFfV5LYebtJ
                                                                                              MD5:25A6E44C0FFB62FB6173ED7DEDDF87A3
                                                                                              SHA1:6CC4E25241CF14EAF97A951A9589BC31C7928D29
                                                                                              SHA-256:877F52BC83448C41D67A5E57ABAF8BEAC6C564B16CDD64D780EF790223CA7B52
                                                                                              SHA-512:12BDF68B5EFBE47B3725A0415DC1E10C1EB8665E8B19C34D7A4495DEB7DBDEAA123FAAE76016AE6BE007754391202D2C767AC6AA46C693095C2D27905D5F426A
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.086 1c9c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/09/05-08:31:09.090 1c9c Recovering log #3.2024/09/05-08:31:09.129 1c9c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13370013070951362

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):7953
                                                                                              Entropy (8bit):4.195898434867962
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:3aT7o2O1Hxbfm21HxbfmvDEQ6nPQLUZcW3DYQ6nPQLU0D1eL53nyLsB:3aQRFqDE3PeUNDY3PeU0D1eL53y
                                                                                              MD5:BCCEF7913888EE39D50E0661750C39B8
                                                                                              SHA1:95BE5DB8534F86456518FC89F7394204A1CF3B59
                                                                                              SHA-256:4CCF0216B5448B0901D31BD69DDEDF18FB289C5AFAEB13C9EE018AD6225A9D8A
                                                                                              SHA-512:AEB15EB27B278FE154883D97A70023A772E137CAE70B0DC84B754A2BD8486C02C0D4D3ACA82DADD24EA4F6B1AA6831970E32EEA350B4064B3D8237193A6DDD41
                                                                                              Malicious:false
                                                                                              Preview:SNSS.............................."...................................................!..........................................1..,......$...61b1678f_ee44_402b_8b36_26622ebc58e8......................z.........................................................................................5..0......&...{98952893-68FF-4A5D-A164-705C709ED3DB}........................................o...Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36.........................Not;A=Brand.....8.......Chromium....117.....Google Chrome.......117.........Not;A=Brand.....8.0.0.0.....Chromium....117.0.5938.132......Google Chrome.......117.0.5938.132......117.0.5938.132......Windows.....10.0.0......x86.............64.........................................o...Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36.........................Not;A=Brand.....8.......Chromium...

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):0.44194574462308833
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                              MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                              SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                              SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                              SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):352
                                                                                              Entropy (8bit):5.16410204777998
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIPFN+q2P923oH+Tcwt7Uh2ghZIFUt82IU6Zmw+2IUtVkwO923oH+Tcwt7Uh2gnd:PIWv4YebIhHh2FUt82IU6/+2IUT5LYeQ
                                                                                              MD5:2E855B90DDDC50C33995AEF6D0664CCC
                                                                                              SHA1:C50BD93F61AC26DEDC20091153F6DF3D298B1422
                                                                                              SHA-256:4CECA63F01B41C1B7E4F2DE47C322D63DB5F1DBF2D06C45C0E7D37D689C54FF5
                                                                                              SHA-512:4456C594D945345E146F215AF50C20851F91D4DA6FBE512B519C51BBAEBED76AD10F085FEC3485A96386F9A3410C362E3276DE2A063C9B1DE3E1AECB6F98F76C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.571 1938 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/09/05-08:31:08.586 1938 Recovering log #3.2024/09/05-08:31:08.602 1938 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):352
                                                                                              Entropy (8bit):5.16410204777998
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIPFN+q2P923oH+Tcwt7Uh2ghZIFUt82IU6Zmw+2IUtVkwO923oH+Tcwt7Uh2gnd:PIWv4YebIhHh2FUt82IU6/+2IUT5LYeQ
                                                                                              MD5:2E855B90DDDC50C33995AEF6D0664CCC
                                                                                              SHA1:C50BD93F61AC26DEDC20091153F6DF3D298B1422
                                                                                              SHA-256:4CECA63F01B41C1B7E4F2DE47C322D63DB5F1DBF2D06C45C0E7D37D689C54FF5
                                                                                              SHA-512:4456C594D945345E146F215AF50C20851F91D4DA6FBE512B519C51BBAEBED76AD10F085FEC3485A96386F9A3410C362E3276DE2A063C9B1DE3E1AECB6F98F76C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.571 1938 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/09/05-08:31:08.586 1938 Recovering log #3.2024/09/05-08:31:08.602 1938 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):270336
                                                                                              Entropy (8bit):0.0012471779557650352
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                              MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                              SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                              SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                              SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                              Malicious:false
                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):270336
                                                                                              Entropy (8bit):0.0012471779557650352
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                              MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                              SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                              SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                              SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                              Malicious:false
                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):434
                                                                                              Entropy (8bit):5.2388482347854195
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P/jIq2P923oH+TcwtzjqEKj3K/2jMGIFUt82kZmw+29WkwO923oH+TcwtzjqEKjd:PUv4YebvqBQFUt82k/+29W5LYebvqBvJ
                                                                                              MD5:9FE33A5D77EB214D0DF0D15FF52F3788
                                                                                              SHA1:1AAF14F649F653C6D2167F5C074F04C4B1B4DF3C
                                                                                              SHA-256:DCEAD132AB6F18666354DF21046A3B0EFBC66561515D9D75C703CC28DD2156BF
                                                                                              SHA-512:9A4C7FFBC035C9E449756D1A0702693A07E11602AD699E39134539C3078F9F20418CD1E20F3B64E65F4B1AE69D3954BE272FD672BF554FBD1DBF14B65C232A57
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.387 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/09/05-08:31:09.388 1c84 Recovering log #3.2024/09/05-08:31:09.393 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):434
                                                                                              Entropy (8bit):5.2388482347854195
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:P/jIq2P923oH+TcwtzjqEKj3K/2jMGIFUt82kZmw+29WkwO923oH+TcwtzjqEKjd:PUv4YebvqBQFUt82k/+29W5LYebvqBvJ
                                                                                              MD5:9FE33A5D77EB214D0DF0D15FF52F3788
                                                                                              SHA1:1AAF14F649F653C6D2167F5C074F04C4B1B4DF3C
                                                                                              SHA-256:DCEAD132AB6F18666354DF21046A3B0EFBC66561515D9D75C703CC28DD2156BF
                                                                                              SHA-512:9A4C7FFBC035C9E449756D1A0702693A07E11602AD699E39134539C3078F9F20418CD1E20F3B64E65F4B1AE69D3954BE272FD672BF554FBD1DBF14B65C232A57
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.387 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/09/05-08:31:09.388 1c84 Recovering log #3.2024/09/05-08:31:09.393 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\044d7ad8-5253-47f6-baec-4ec1fd1d8e70.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):144
                                                                                              Entropy (8bit):4.842082263530856
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiBn1KKyRY:YHpoeS7PMVKJTnMRK3B1KF+
                                                                                              MD5:F32592F4926E25E0D647EA7E4CBCD3FE
                                                                                              SHA1:4126DAA71810BDC438563699F77D5DA66DD3295E
                                                                                              SHA-256:BB0A228D78AE9A4E3508B13B041710AAA7E658AAA526FA553719851EB4F2303A
                                                                                              SHA-512:96F9B027B0E7E44E14006EAC6DE05A6CF684F5D6427004737CC379DC02875FA1D65C422AB6CA0EF89C0555ACD12B1D99F552894F15EE9EAF1A203FE58835A35D
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3736a277-3739-421d-a18d-dd7fac265fd9.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):144
                                                                                              Entropy (8bit):4.842082263530856
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiBn1KKyRY:YHpoeS7PMVKJTnMRK3B1KF+
                                                                                              MD5:F32592F4926E25E0D647EA7E4CBCD3FE
                                                                                              SHA1:4126DAA71810BDC438563699F77D5DA66DD3295E
                                                                                              SHA-256:BB0A228D78AE9A4E3508B13B041710AAA7E658AAA526FA553719851EB4F2303A
                                                                                              SHA-512:96F9B027B0E7E44E14006EAC6DE05A6CF684F5D6427004737CC379DC02875FA1D65C422AB6CA0EF89C0555ACD12B1D99F552894F15EE9EAF1A203FE58835A35D
                                                                                              Malicious:false
                                                                                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF36236.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF364b6.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):40
                                                                                              Entropy (8bit):4.1275671571169275
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                              Malicious:false
                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                              Category:dropped
                                                                                              Size (bytes):36864
                                                                                              Entropy (8bit):0.3886039372934488
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                              MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                              SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                              SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                              SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c838f2fc-95b6-40fd-92b7-b18e122ed6b1.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):40
                                                                                              Entropy (8bit):4.1275671571169275
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                              Malicious:false
                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\db636191-38c0-4f0f-a5f9-f8b11060742a.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\f83e2c43-ab17-42d2-a0ac-cf56b5c7fa41.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2
                                                                                              Entropy (8bit):1.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:H:H
                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                              Malicious:false
                                                                                              Preview:[]

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):80
                                                                                              Entropy (8bit):3.4921535629071894
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                              MD5:69449520FD9C139C534E2970342C6BD8
                                                                                              SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                              SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                              SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                              Malicious:false
                                                                                              Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):422
                                                                                              Entropy (8bit):5.259037768449191
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PgUav4YebvqBZFUt82g79/+2gg5LYebvqBaJ:4Ug4Yebvyg8ZSKLYebvL
                                                                                              MD5:1020A1C080782D71DEA54D774338A04A
                                                                                              SHA1:F397FB3D9B94364239A81E00D6BA46E974FEB615
                                                                                              SHA-256:E7FC87A3FD32195DCC176A520B77144D1B735CF8CEF14FC29BCA5471C41A2176
                                                                                              SHA-512:4F88A18A8C5643C6D7B27438A915C3658EA4F97724A2F11E20EE1EA804F8DFA526AB2240CB0DE194F88BD82AB05C376717D0969A91CB88991864B73FC321AF5C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:26.885 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/09/05-08:31:26.886 1c84 Recovering log #3.2024/09/05-08:31:26.889 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):422
                                                                                              Entropy (8bit):5.259037768449191
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:PgUav4YebvqBZFUt82g79/+2gg5LYebvqBaJ:4Ug4Yebvyg8ZSKLYebvL
                                                                                              MD5:1020A1C080782D71DEA54D774338A04A
                                                                                              SHA1:F397FB3D9B94364239A81E00D6BA46E974FEB615
                                                                                              SHA-256:E7FC87A3FD32195DCC176A520B77144D1B735CF8CEF14FC29BCA5471C41A2176
                                                                                              SHA-512:4F88A18A8C5643C6D7B27438A915C3658EA4F97724A2F11E20EE1EA804F8DFA526AB2240CB0DE194F88BD82AB05C376717D0969A91CB88991864B73FC321AF5C
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:26.885 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/09/05-08:31:26.886 1c84 Recovering log #3.2024/09/05-08:31:26.889 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):325
                                                                                              Entropy (8bit):5.1593935227522545
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIwN+q2P923oH+TcwtpIFUt82IwZZmw+2IwNVkwO923oH+Tcwta/WLJ:PIhv4YebmFUt82Ic/+2Ic5LYebaUJ
                                                                                              MD5:A5E8EAA3EB0F8A6DA620DEE931D90FE1
                                                                                              SHA1:B3B39CF85D0D6C68B12270DF7B66C89A46BF7C46
                                                                                              SHA-256:3ED117AE7A98FA786DAA0B8B361B0862916FF226639DA3989875BCB1B6A638DA
                                                                                              SHA-512:EF9FC11FD5D2DF5BA5989175054E405684DA94D09C8A3C18A4E3D04D6A185E3B0D023EB66F50610EC68295C83081892BEEDF98CD336E276F5577C5235E8F3728
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.490 a18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/09/05-08:31:08.490 a18 Recovering log #3.2024/09/05-08:31:08.490 a18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):325
                                                                                              Entropy (8bit):5.1593935227522545
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PIwN+q2P923oH+TcwtpIFUt82IwZZmw+2IwNVkwO923oH+Tcwta/WLJ:PIhv4YebmFUt82Ic/+2Ic5LYebaUJ
                                                                                              MD5:A5E8EAA3EB0F8A6DA620DEE931D90FE1
                                                                                              SHA1:B3B39CF85D0D6C68B12270DF7B66C89A46BF7C46
                                                                                              SHA-256:3ED117AE7A98FA786DAA0B8B361B0862916FF226639DA3989875BCB1B6A638DA
                                                                                              SHA-512:EF9FC11FD5D2DF5BA5989175054E405684DA94D09C8A3C18A4E3D04D6A185E3B0D023EB66F50610EC68295C83081892BEEDF98CD336E276F5577C5235E8F3728
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:08.490 a18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/09/05-08:31:08.490 a18 Recovering log #3.2024/09/05-08:31:08.490 a18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):131072
                                                                                              Entropy (8bit):0.005582420312713277
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:ImtVF+R5I/xfXE:IiVEY5
                                                                                              MD5:47B8D1BD00B6A10980E43B3B2521B9A5
                                                                                              SHA1:8A4232FBDE7A856808E75E26D38B00B3606B05FA
                                                                                              SHA-256:325B3F03D47B0948D266179770D8A301810168E4E073DF7CAE526BC36E1603C2
                                                                                              SHA-512:EB45D5783C7CCCAFD06C14F1F6967ED95A10434629399660A51D1D32BFC98470ABEE743C03A74671AEC91BD074B0B68387994A11451A769C5C42C1F58AC542A9
                                                                                              Malicious:false
                                                                                              Preview:VLnk.....?......?......+................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                              Category:dropped
                                                                                              Size (bytes):196608
                                                                                              Entropy (8bit):1.2654985948296744
                                                                                              Encrypted:false
                                                                                              SSDEEP:384:8/2qOB1nxCkMISAELyKOMq+8yC8F/YfU5m+OlTLVumg:Bq+n0JI9ELyKOMq+8y9/OwH
                                                                                              MD5:F9770F9C87700211196AD747F9BCBACA
                                                                                              SHA1:33CA8807D5CDFD25346BC967664BB2BD378586A7
                                                                                              SHA-256:F1E9DD3D53BBA44BA012EA27E181089018EC87F0CFAFFA0749DB03D528F59CCB
                                                                                              SHA-512:784709665C68E8E6A1B5E568E5A908714EA020B0B8112EFD31A550794FC101D3783C0BA7D178D7C9F4FAC088EC7F2D8728A57F55304C953DDF113C1A5C9A84CC
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 11
                                                                                              Category:dropped
                                                                                              Size (bytes):14336
                                                                                              Entropy (8bit):1.4204823643119044
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:fK3tjkSdj5IUltGhp22iSBgj2RyI4pbc2RyI43xj/:ftSjGhp22iS3DODo
                                                                                              MD5:B4252CE533BB67FE32970CCA897F2B5F
                                                                                              SHA1:7AA1BDCF2A7701856C1C77CC9F0894A140AC89AD
                                                                                              SHA-256:C43DE306D2E53A74FCD52DFDCF4FBC0A2C3C3D96E65E0DFA856217A4DB03D1E9
                                                                                              SHA-512:F0A4711CEB6444776380187EC2343163453CC3F2101999490A894EB87E5C6B08B827F50742A621A5EA2ABD193DA272290233A56025C4500BE506CFFB07C84D2A
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..................n..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                              Category:dropped
                                                                                              Size (bytes):40960
                                                                                              Entropy (8bit):0.41235120905181716
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB:v7doKsKuKZKlZNmu46yjx
                                                                                              MD5:981F351994975A68A0DD3ECE5E889FD0
                                                                                              SHA1:080D3386290A14A68FCE07709A572AF98097C52D
                                                                                              SHA-256:3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
                                                                                              SHA-512:C5930797C46EEC25D356BAEB6CFE37E9F462DEE2AE8866343B2C382DBAD45C1544EF720D520C4407F56874596B31EFD6822B58A9D3DAE6F85E47FF802DBAA20B
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):11755
                                                                                              Entropy (8bit):5.190465908239046
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                              MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                              SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                              SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                              SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                              Malicious:false
                                                                                              Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b8589818-9671-442f-b145-f325edb3d817.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):13141
                                                                                              Entropy (8bit):5.283584414885215
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:stuJ99QTryDiuabatSuyIfsyusZihaEXxRky3k8wbV+FICQA66WKaFIMYQPUYJ:stuPGQSudsyufhaEXxQbGBQx6WKaTY4
                                                                                              MD5:2B540ABDB3DE8C84693B7205E83568FA
                                                                                              SHA1:E9440F56F33AE9DD17AD4EB077907C4CEBFCE364
                                                                                              SHA-256:EA24E7A29BEE7AF795BFB83718F64A734998CCBF95353912CAC3142B60DE7A8F
                                                                                              SHA-512:9C13199F6269AF0CD86DDE08167D0948002502C759F39F29C199074150D14C8F19085150CDB0281589E297348C921D02B4613AB867C2979285B45AD69F8657A8
                                                                                              Malicious:false
                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13370013069046145","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                              Category:dropped
                                                                                              Size (bytes):28672
                                                                                              Entropy (8bit):0.3410017321959524
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                              MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                              SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                              SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                              SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fd8e1f13-c2fa-4f77-9e6e-fed6445657a6.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):40504
                                                                                              Entropy (8bit):5.561045393625103
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:X/JfRW7pLGLvUSWPawfMk8F1+UoAYDCx9Tuqh0VfUC9xbog/OVYPSxbDkrwTOoI0:X/JfR2cvUSWPawfMku1ja5PShD9TOoQu
                                                                                              MD5:89E9AF8EF188895B297947809B8B5916
                                                                                              SHA1:3317E2AC51F7BAB17A6B7049D209BDAF9468B9EB
                                                                                              SHA-256:47068A878FEF4DD1CD82D2C6ED062EA1CDA4D8FF40AC9B6F0C71E8938D97F792
                                                                                              SHA-512:1DC5FA0A381206DD89C8894AAF4000F1953BCBD0DE580A7E2D382169B81D9E3145531A7E827232753C6A2F9AAE6F3089BA9EB64DD47EB7CE9EFBEDF4AAAC67DD
                                                                                              Malicious:false
                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13370013068441405","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13370013068441405","location":5,"ma

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):32768
                                                                                              Entropy (8bit):0.11573007272121795
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:WtqWtq/4pEjVl/PnnnnnnnnnnnnnnnvoQsUQo8AGS:WtqWtqcoPnnnnnnnnnnnnnnnvN3zd
                                                                                              MD5:CE616C047F9D4DBC7DFBC166CE519FFE
                                                                                              SHA1:9476B47FC26B4198F9CA83E541A6B20F17798A44
                                                                                              SHA-256:E9B2750EE572D2FC56DDF958F2A2897300885B2478828ECEF9552918FAF457F9
                                                                                              SHA-512:21C908AFA4D8FAC081A32A7AC00D2CA2970AB09B3A932C1251F8263D43BC0391A3F5D0F67F5E1A7243FE139585D03721D134D211630C6873E04872CCA8D5341D
                                                                                              Malicious:false
                                                                                              Preview:..-.............]...........R%...4..}....?>;.L...-.............]...........R%...4..}....?>;.L.........Y...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite Write-Ahead Log, version 3007000
                                                                                              Category:dropped
                                                                                              Size (bytes):383192
                                                                                              Entropy (8bit):1.0816822334564629
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:Yg+XmIH+QygMwJpeKyY/l1HiZ1mi41GiMq1kiw1six:yWc51PzvBt1HY1mJ1Gw1kx1sm
                                                                                              MD5:8368C5FFC50ED7332003DF36E2443FC0
                                                                                              SHA1:4D4FC52DC2BCE87DDFBB4943E1DC11E9969F9880
                                                                                              SHA-256:4EFAA296492F729DDF2C02310EAE83E816B4DE154CC53DFB85BCB83CE2F02B26
                                                                                              SHA-512:BFCB88C90F49183C56BF8CC0B9C4DA2F97B79E3C3097D62E63FE8BD3E9FB8253226894CB163538519230C0562A520AD6A0E86DF97164DB753F1BC2341E2199A2
                                                                                              Malicious:false
                                                                                              Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:modified
                                                                                              Size (bytes):723
                                                                                              Entropy (8bit):3.2130765254584066
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:Wlc8NOuuuuuuuuuuuuuuuuuuuuuuupa8z:iDh
                                                                                              MD5:4FDF4AD3F17A7F7C53A61B426BBF7D0D
                                                                                              SHA1:79B0E9B80D95A0C9E336D143D148D29D93FA6266
                                                                                              SHA-256:990F7A8B920946D262C05953D71E09FAF7ACED3DFC60D804B9AC3DB84CAF813A
                                                                                              SHA-512:DAA70DACABB3A19737BD0473F2A1E99844B6D89423B2CAAA93BA6ED51E2637AAA31D6E1BC46487F0FCEC24176808E1E373639467F8BB3A7FB86E006F9A5F048F
                                                                                              Malicious:false
                                                                                              Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............nX.&0................39_config..........6.....n ....1V.e................V.e................V.e................V.e................V.e................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):321
                                                                                              Entropy (8bit):5.220734885915522
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PlfwDM+q2P923oH+TcwtfrK+IFUt82lfwgZmw+2lfwDMVkwO923oH+TcwtfrUeLJ:PlfwDM+v4Yeb23FUt82lfwg/+2lfwDM9
                                                                                              MD5:955B20DC69076E38152D91FF729666C3
                                                                                              SHA1:6DE56C291EDD2E71E8D7CB9B4065FA8938BB9871
                                                                                              SHA-256:CDE28693C0C172D2C9541088ADEEBCD36717C7F0000B87233114674EDC4DA1E4
                                                                                              SHA-512:87820A82EA93AEF41069D7CEE28F34BE4950B96276683406E8EB066DD6B898FA834C7122F8B0367001788C3CF0AB3640C10C4140D759560CD9563B2F94951D26
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.161 3fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/09/05-08:31:09.161 3fc Recovering log #3.2024/09/05-08:31:09.161 3fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):321
                                                                                              Entropy (8bit):5.220734885915522
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PlfwDM+q2P923oH+TcwtfrK+IFUt82lfwgZmw+2lfwDMVkwO923oH+TcwtfrUeLJ:PlfwDM+v4Yeb23FUt82lfwg/+2lfwDM9
                                                                                              MD5:955B20DC69076E38152D91FF729666C3
                                                                                              SHA1:6DE56C291EDD2E71E8D7CB9B4065FA8938BB9871
                                                                                              SHA-256:CDE28693C0C172D2C9541088ADEEBCD36717C7F0000B87233114674EDC4DA1E4
                                                                                              SHA-512:87820A82EA93AEF41069D7CEE28F34BE4950B96276683406E8EB066DD6B898FA834C7122F8B0367001788C3CF0AB3640C10C4140D759560CD9563B2F94951D26
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.161 3fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/09/05-08:31:09.161 3fc Recovering log #3.2024/09/05-08:31:09.161 3fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):787
                                                                                              Entropy (8bit):4.059252238767438
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvB1ys:G0nYUtypD3RUovhC+lvBOL+t3IvB8s
                                                                                              MD5:D8D8899761F621B63AD5ED6DF46D22FE
                                                                                              SHA1:23E6A39058AB3C1DEADC0AF2E0FFD0D84BB7F1BE
                                                                                              SHA-256:A5E0A78EE981FB767509F26021E1FA3C506F4E86860946CAC1DC4107EB3B3813
                                                                                              SHA-512:4F89F556138C0CF24D3D890717EB82067C5269063C84229E93F203A22028782902FA48FB0154F53E06339F2FDBE35A985CE728235EA429D8D157090D25F15A4E
                                                                                              Malicious:false
                                                                                              Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):339
                                                                                              Entropy (8bit):5.223707428964027
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PfcDM+q2P923oH+TcwtfrzAdIFUt82fPgZmw+2fPDMVkwO923oH+TcwtfrzILJ:P0DM+v4Yeb9FUt82ng/+2nDMV5LYeb2J
                                                                                              MD5:6ADE2F772FF6638DBB7CFB6ECF7E5ADA
                                                                                              SHA1:F8F23CFE03EFB237B88FFC0C7303D80CA328DD22
                                                                                              SHA-256:EBABD8627D8C471261F19BE8BBEFF905F0C9096E47F358784879C79A9CABC1A0
                                                                                              SHA-512:BF5709727348854B932F60F73693638EDF7E6FE6E690DB6F4BA3E51D9A96ABC00311424E76C12D4C1245383C2F8D6C7861A8D16899A0FF251481B4486D215924
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.156 3fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/09/05-08:31:09.157 3fc Recovering log #3.2024/09/05-08:31:09.157 3fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):339
                                                                                              Entropy (8bit):5.223707428964027
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:PfcDM+q2P923oH+TcwtfrzAdIFUt82fPgZmw+2fPDMVkwO923oH+TcwtfrzILJ:P0DM+v4Yeb9FUt82ng/+2nDMV5LYeb2J
                                                                                              MD5:6ADE2F772FF6638DBB7CFB6ECF7E5ADA
                                                                                              SHA1:F8F23CFE03EFB237B88FFC0C7303D80CA328DD22
                                                                                              SHA-256:EBABD8627D8C471261F19BE8BBEFF905F0C9096E47F358784879C79A9CABC1A0
                                                                                              SHA-512:BF5709727348854B932F60F73693638EDF7E6FE6E690DB6F4BA3E51D9A96ABC00311424E76C12D4C1245383C2F8D6C7861A8D16899A0FF251481B4486D215924
                                                                                              Malicious:false
                                                                                              Preview:2024/09/05-08:31:09.156 3fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/09/05-08:31:09.157 3fc Recovering log #3.2024/09/05-08:31:09.157 3fc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):120
                                                                                              Entropy (8bit):3.32524464792714
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                              MD5:A397E5983D4A1619E36143B4D804B870
                                                                                              SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                              SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                              SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                              Malicious:false
                                                                                              Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with no line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):13
                                                                                              Entropy (8bit):2.7192945256669794
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:NYLFRQI:ap2I
                                                                                              MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                              SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                              SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                              SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                              Malicious:false
                                                                                              Preview:117.0.2045.47

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32d89.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32da8.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32fac.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3568d.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF44032.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49b81.TMP (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):44137
                                                                                              Entropy (8bit):6.090701574106393
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+ytbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE46btbz8hu3VlXr4CRo1
                                                                                              MD5:5AD49C8182F37D8D8717E3A8B9CEA9B2
                                                                                              SHA1:DBCF029FF5F5C65391295140B837F45A23F82360
                                                                                              SHA-256:8D095FBD7992047F8D8A18A328487823DE61B6860C8C9B736963F3D220CDC0EE
                                                                                              SHA-512:E63048886F2FB154096D09F6EC6D9288770A505EE950070B2944274C9558FF89FEB9CEADFDD42ED273C6DCB4A76472B89F68C03E8D64B696C5A671CB82097DD8
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                              Category:dropped
                                                                                              Size (bytes):20480
                                                                                              Entropy (8bit):0.5963118027796015
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:TLyeuAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3isTydBVzQd9U9ez/qS9i:TLyXOUOq0afDdWec9sJz+Z7J5fc
                                                                                              MD5:48A6A0713B06707BC2FE9A0F381748D3
                                                                                              SHA1:043A614CFEF749A49837F19F627B9D6B73F15039
                                                                                              SHA-256:2F2006ADEA26E5FF95198883A080C9881D774154D073051FC69053AF912B037B
                                                                                              SHA-512:4C04FFAE2B558EB4C05AD9DCA094700D927AFAD1E561D6358F1A77CB09FC481A6424237DFF6AB37D147E029E19D565E876CD85A2E9C0EC1B068002AA13A16DBA
                                                                                              Malicious:false
                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with no line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):47
                                                                                              Entropy (8bit):4.3818353308528755
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                              MD5:48324111147DECC23AC222A361873FC5
                                                                                              SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                              SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                              SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                              Malicious:false
                                                                                              Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):35
                                                                                              Entropy (8bit):4.014438730983427
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                              MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                              SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                              SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                              SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                              Malicious:false
                                                                                              Preview:{"forceServiceDetermination":false}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with no line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):50
                                                                                              Entropy (8bit):3.9904355005135823
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:0xXF/XctY5GUf+:0RFeUf+
                                                                                              MD5:E144AFBFB9EE10479AE2A9437D3FC9CA
                                                                                              SHA1:5AAAC173107C688C06944D746394C21535B0514B
                                                                                              SHA-256:EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2
                                                                                              SHA-512:837D15B3477C95D2D71391D677463A497D8D9FFBD7EB42E412DA262C9B5C82F22CE4338A0BEAA22C81A06ECA2DF7A9A98B7D61ECACE5F087912FD9BA7914AF3F
                                                                                              Malicious:false
                                                                                              Preview:topTraffic_170540185939602997400506234197983529371

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):575056
                                                                                              Entropy (8bit):7.999649474060713
                                                                                              Encrypted:true
                                                                                              SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                              MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                              SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                              SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                              SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                              Malicious:false
                                                                                              Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):86
                                                                                              Entropy (8bit):4.3751917412896075
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                              MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                              SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                              SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                              SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                              Malicious:false
                                                                                              Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b3a56ec2-141d-4cb9-85aa-54a80526bf75.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):45710
                                                                                              Entropy (8bit):6.08653215494476
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:mMGQ7FCYXGIgtDAWtJ4I9Dn/3hDO6vP6OrHkIt+Lqb/lEeCAonGoup1Xl3jVzXr+:mMGQ5XMBD9D06LvWeRonhu3VlXr49
                                                                                              MD5:6BC7260820D5AFEE6EF93107C43D02EB
                                                                                              SHA1:6A8BD28C3B884FDF274CEBC0FB938832F0764AE3
                                                                                              SHA-256:F70B63B7150C63654F92808115D6FC916EDCFC1A401DB9C0B2E906FAEB844570
                                                                                              SHA-512:1006102B7A48940A1EDE60CBAB3911DBE280FE23671950F382FE2BB7ADBF78D0FC57BCCC801F0745F5F17C69CB668196C1D4EB974B5B7D4B9ACB7DDB626A6049
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ecf1adaa-459e-4887-bce3-3d7d441049c7.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:modified
                                                                                              Size (bytes):44600
                                                                                              Entropy (8bit):6.0959925167460405
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBmwuOhDO6vP6OrLVIm5RclcGoup1Xl3jVzXr4CCAg:z/Ps+wsI7ynEQ6LEchu3VlXr4CRo1
                                                                                              MD5:71E7FD3DDF5172776FF07847D521CFC5
                                                                                              SHA1:C379E29E93300CE5A78331C9D6DD4A741C239267
                                                                                              SHA-256:555B111F5BFFF1CDE0BA30F7FF16D390A45BDE5D48782126D50B3693795C1BD3
                                                                                              SHA-512:8B708BEA8AD429C4E989B6FD0F8DF59B0495479EECDCEA6C3087CD03FFA658DDC307F448888CE3C55A7B39A2DC6C608D240A03675241DCF8AB3558772F1E9B4A
                                                                                              Malicious:false
                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):2278
                                                                                              Entropy (8bit):3.8368949255915563
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:uiTrlKxrgxixl9Il8u1CC4wBEHUa86d1rd1rc:m7YmCXQPBd1M
                                                                                              MD5:20099933453E3CAF785965347AEC24FA
                                                                                              SHA1:55E91118B6812E39DD63C41026B8F7ECFC37C07E
                                                                                              SHA-256:1CB2F960EFDA956D56DA75704CBE32F1E21638CA2ABDAAFE508A8DF6B32922F6
                                                                                              SHA-512:FB5888486095CD1D0CBF7C6EA3A1B50509E29D403AB2FC6B443083328C65957190F290FB5DAFAC6C631D01B8D3BBF7ABDCFBE33CEE08F9169BBAF6A97AB35C55
                                                                                              Malicious:false
                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.L.3.y.4.J.f./.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.8.x.Z.d.f.p.

                                                                                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:data
                                                                                              Category:dropped
                                                                                              Size (bytes):4622
                                                                                              Entropy (8bit):3.9981750213783935
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:RYn7ZLGq3/xb0o4+kSkkmIKiHsV0FOONOIjmSUhI:ReC4/xb09FSkkmcM0TOIjmSYI
                                                                                              MD5:99889BC8502F0CC23492DDD7857C8E17
                                                                                              SHA1:0223A752EAACDC1A3DDF1E5E09388A8D5A617656
                                                                                              SHA-256:F340D3DDF0E584EA42D905667D3A5FBF342951FA4BF592B439F9D90DE48DBE49
                                                                                              SHA-512:D356A7214A50F08732F32ED4D14003EEE06F87D41AAC2039EC5ED76FCF60CBFE14EB7CA1E49A2106780B16A67CD6F99AA1A72B0A4EE37F9D1596A95CD8886DFE
                                                                                              Malicious:false
                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.h.1.d.x.o././.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.v.0.p.D.G.u.

                                                                                              C:\Users\user\AppData\Local\Temp\142faec3-441d-4d56-ba92-348598620b17.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:very short file (no magic)
                                                                                              Category:dropped
                                                                                              Size (bytes):1
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:L:L
                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                              Malicious:false
                                                                                              Preview:.

                                                                                              C:\Users\user\AppData\Local\Temp\3e6cdc9f-2ce2-4cab-8b7d-7b2a59dadf23.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Google Chrome extension, version 3
                                                                                              Category:dropped
                                                                                              Size (bytes):135751
                                                                                              Entropy (8bit):7.804610863392373
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:h+OX7O5AeBWdSq2Zso2iDNjF3dNUPOTy61NVo8OJXhQXXUWFMOiiBIHWI7YyjM/8:pVdSj9hjVn6Oj5fOJR+k0iiW2IPMaIul
                                                                                              MD5:83EF25FBEE6866A64F09323BFE1536E0
                                                                                              SHA1:24E8BD033CD15E3CF4F4FF4C8123E1868544AC65
                                                                                              SHA-256:F421D74829F2923FD9E5A06153E4E42DB011824C33475E564B17091598996E6F
                                                                                              SHA-512:C699D1C9649977731EEA0CB4740C4BEAACEEC82AECC43F9F2B1E5625C487C0BC45FA08A1152A35EFBDB3DB73B8AF3625206315D1F9645A24E1969316F9F5B38C
                                                                                              Malicious:false
                                                                                              Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........1...c@e.J.~..A...(9=...I.N.e..T......6.7..*.Kk?....]<.S(.....9}........$..6...:...9..b|B..8..I..7.8K\.KIn7.:.!^;.H........8.....,.\....b..uC...e?..E.U.........P..G..u!+......C.)Kw...............4..Qye..=$..Q.......?Oi.,O.RW6.k.+.&. .wu..tf....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. ..r.....p..~..3.1.vD.i.]...~...!...<..4KV.~y.).`........>E.NT.%1".%............o.....J._.H.B..w..C......UU.&C..fB&..|..i..J......I.??^.Z.....Y....0^......?...o.....O.~......W.....~.......R..z.Ma...u]..*..-.n....2s<....E..6.<..W.H.qh....:j.y...N.D.]Nj....../..a...{....g.....f).~._....1q..L..#.G...Q.w...J."

                                                                                              C:\Users\user\AppData\Local\Temp\6858cfc7-817a-44a9-82de-848b98f5839e.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:very short file (no magic)
                                                                                              Category:dropped
                                                                                              Size (bytes):1
                                                                                              Entropy (8bit):0.0
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:L:L
                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                              Malicious:false
                                                                                              Preview:.

                                                                                              C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2110
                                                                                              Entropy (8bit):5.404413863242863
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854RrG:8e2Fa116uCntc5toYOgEp
                                                                                              MD5:88A4AE191B18AF38F9F0CDC4EBF814F4
                                                                                              SHA1:7229D66023A687CB09096B4A7EF6F71B552C81C4
                                                                                              SHA-256:03FECB2D693506AFC10F202199C4DF550C99C6404794B19FFB4FAA9D1878F1AC
                                                                                              SHA-512:6B2220E3A309F43869A5EC5F220DE3C47B32075601427395BF650E68F7BCE0EA70D98F922CE436CF20C23152789614D47F9BE84FA050290418C59458EF80C697
                                                                                              Malicious:false
                                                                                              Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                              C:\Users\user\AppData\Local\Temp\dc70ea12-5045-4ff5-9c82-44d96c1dd843.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Google Chrome extension, version 3
                                                                                              Category:dropped
                                                                                              Size (bytes):11185
                                                                                              Entropy (8bit):7.951995436832936
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                              MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                              SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                              SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                              SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                              Malicious:false
                                                                                              Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                              C:\Users\user\AppData\Local\Temp\e0b51882-a32d-4bf6-8fa3-6caa8570dcb9.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 693860
                                                                                              Category:dropped
                                                                                              Size (bytes):524320
                                                                                              Entropy (8bit):7.998159061744845
                                                                                              Encrypted:true
                                                                                              SSDEEP:12288:UfOLTpYZBWqYw902J0jz/2F4w9mf+x4AsLXZ+E70G8OlmP6:USTABEw9LmjzeywO+x4AsLXZbx8OJ
                                                                                              MD5:93442F461585E19C55EA6B4BCFCE3EBD
                                                                                              SHA1:F5283B7826F130ECC656245C85F1CDDDFF87C0DB
                                                                                              SHA-256:340963404F7686F6BAB23E6701CEB9D599D9C377849FE4EFC17815EEEF319AF8
                                                                                              SHA-512:2B2655C69615DA827D8670AA937344C0DFF93547B0BAB7C018BAEB922351D0629F5E97A2DEEAB5226CA81B089B6701E7FD0EB00B368802A8B0F8A2BB11656FC8
                                                                                              Malicious:false
                                                                                              Preview:............o.6.........I....d[.z.6l.=...dIV...q..0...Iyk.C..8.R...v\7.....u..'..r...=.w..W.}..V_....W7......~..........<..f.-.O...l....a.../....l.m.e..kv.Y.n...~......}...ww..uSt.U..o.O...G..4w..|...........]]..y../..W.n...........".y..WB.2*C.7..W.4.....M...I..\&.($...."'....Y.e..o.7y.K.......oZ2.?..qW.O.$.............<.kV`2)G..%,...2.."Q..M.....}g.M`qa.x.Z_....N"......~.~.....;..4.....XEX...B0.Q=.'...z.,.|.>.5..W.6..$\RaT.&.m.%.b.2.....5#[..\...z.j.j|......~RN....@p.C.1.j.}..}..Z..Co'.i.%.TZ...O=%.`.J+............Y|.....mp.6...;v...l?...!..?"Q....a....'.8...)..)7..N...B.8...Yj.?..........V../...g....C..i.....IN...P..P.@.....N..u/...FJ.A<N<..gD. #..6....N.F.....C......4..........?R@.K../-%..P...|.././.o..?#K......%..=.8;........J..............6"..2.........jI....A..W.3......[.....$...>.%iJ..g..A...._....B.>.r...G.5.....$.P[.....J..r.y.4.KE.Lj/)i".w..Ig./.k?.....l../Z.f......"|%.-..T.....).l."Q..j*>%..E.J6...l...^.f.=`%./.l......7$D

                                                                                              C:\Users\user\AppData\Local\Temp\e26b7634-2604-4558-ba58-a53049e2bfeb.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                              Category:dropped
                                                                                              Size (bytes):206855
                                                                                              Entropy (8bit):7.983996634657522
                                                                                              Encrypted:false
                                                                                              SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                              MD5:788DF0376CE061534448AA17288FEA95
                                                                                              SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                              SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                              SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                              Malicious:false
                                                                                              Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                              C:\Users\user\AppData\Local\Temp\fcafbaa8-aa33-42c6-a532-cea333bfdf02.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
                                                                                              Category:dropped
                                                                                              Size (bytes):76321
                                                                                              Entropy (8bit):7.996057445951542
                                                                                              Encrypted:true
                                                                                              SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iys3BBrYunau6wpGzxue:GdS8scZNzFrMa4M+lK5/nXexue
                                                                                              MD5:D7A1AC56ED4F4D17DD0524C88892C56D
                                                                                              SHA1:4153CA1A9A4FD0F781ECD5BA9D2A1E68C760ECD4
                                                                                              SHA-256:0A29576C4002D863B0C5AE7A0B36C0BBEB0FB9AFD16B008451D4142C07E1FF2B
                                                                                              SHA-512:31503F2F6831070E887EA104296E17EE755BB6BBFB1EF2A15371534BFA2D3F0CD53862389625CF498754B071885A53E1A7F82A3546275DB1F4588E0E80BF7BEE
                                                                                              Malicious:false
                                                                                              Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                              C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                              Category:dropped
                                                                                              Size (bytes):32768
                                                                                              Entropy (8bit):0.4593089050301797
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                              MD5:D910AD167F0217587501FDCDB33CC544
                                                                                              SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                              SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                              SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                              Malicious:false
                                                                                              Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_1607228590\CRX_INSTALL\_metadata\verified_contents.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1753
                                                                                              Entropy (8bit):5.8889033066924155
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                              MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                              SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                              SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                              SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                              Malicious:false
                                                                                              Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_1607228590\CRX_INSTALL\content.js

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):9815
                                                                                              Entropy (8bit):6.1716321262973315
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                              MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                              SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                              SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                              SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                              Malicious:false
                                                                                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_1607228590\CRX_INSTALL\content_new.js

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):10388
                                                                                              Entropy (8bit):6.174387413738973
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                              MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                              SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                              SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                              SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                              Malicious:false
                                                                                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_1607228590\CRX_INSTALL\manifest.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):962
                                                                                              Entropy (8bit):5.698567446030411
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                              MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                              SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                              SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                              SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                              Malicious:false
                                                                                              Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_1607228590\dc70ea12-5045-4ff5-9c82-44d96c1dd843.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Google Chrome extension, version 3
                                                                                              Category:dropped
                                                                                              Size (bytes):11185
                                                                                              Entropy (8bit):7.951995436832936
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                              MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                              SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                              SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                              SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                              Malicious:false
                                                                                              Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\3e6cdc9f-2ce2-4cab-8b7d-7b2a59dadf23.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:Google Chrome extension, version 3
                                                                                              Category:dropped
                                                                                              Size (bytes):135751
                                                                                              Entropy (8bit):7.804610863392373
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:h+OX7O5AeBWdSq2Zso2iDNjF3dNUPOTy61NVo8OJXhQXXUWFMOiiBIHWI7YyjM/8:pVdSj9hjVn6Oj5fOJR+k0iiW2IPMaIul
                                                                                              MD5:83EF25FBEE6866A64F09323BFE1536E0
                                                                                              SHA1:24E8BD033CD15E3CF4F4FF4C8123E1868544AC65
                                                                                              SHA-256:F421D74829F2923FD9E5A06153E4E42DB011824C33475E564B17091598996E6F
                                                                                              SHA-512:C699D1C9649977731EEA0CB4740C4BEAACEEC82AECC43F9F2B1E5625C487C0BC45FA08A1152A35EFBDB3DB73B8AF3625206315D1F9645A24E1969316F9F5B38C
                                                                                              Malicious:false
                                                                                              Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........1...c@e.J.~..A...(9=...I.N.e..T......6.7..*.Kk?....]<.S(.....9}........$..6...:...9..b|B..8..I..7.8K\.KIn7.:.!^;.H........8.....,.\....b..uC...e?..E.U.........P..G..u!+......C.)Kw...............4..Qye..=$..Q.......?Oi.,O.RW6.k.+.&. .wu..tf....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. ..r.....p..~..3.1.vD.i.]...~...!...<..4KV.~y.).`........>E.NT.%1".%............o.....J._.H.B..w..C......UU.&C..fB&..|..i..J......I.??^.Z.....Y....0^......?...o.....O.~......W.....~.......R..z.Ma...u]..*..-.n....2s<....E..6.<..W.H.qh....:j.y...N.D.]Nj....../..a...{....g.....f).~._....1q..L..#.G...Q.w...J."

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\128.png

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                              Category:dropped
                                                                                              Size (bytes):4982
                                                                                              Entropy (8bit):7.929761711048726
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                              MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                              SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                              SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                              SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                              Malicious:false
                                                                                              Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\af\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):908
                                                                                              Entropy (8bit):4.512512697156616
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                              MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                              SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                              SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                              SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\am\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1285
                                                                                              Entropy (8bit):4.702209356847184
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                              MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                              SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                              SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                              SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ar\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1244
                                                                                              Entropy (8bit):4.5533961615623735
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                              MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                              SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                              SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                              SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\az\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):977
                                                                                              Entropy (8bit):4.867640976960053
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                              MD5:9A798FD298008074E59ECC253E2F2933
                                                                                              SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                              SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                              SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\be\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):3107
                                                                                              Entropy (8bit):3.535189746470889
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                              MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                              SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                              SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                              SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\bg\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1389
                                                                                              Entropy (8bit):4.561317517930672
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                              MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                              SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                              SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                              SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\bn\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1763
                                                                                              Entropy (8bit):4.25392954144533
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                              MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                              SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                              SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                              SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ca\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):930
                                                                                              Entropy (8bit):4.569672473374877
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                              MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                              SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                              SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                              SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\cs\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):913
                                                                                              Entropy (8bit):4.947221919047
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                              MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                              SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                              SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                              SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\cy\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):806
                                                                                              Entropy (8bit):4.815663786215102
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                              MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                              SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                              SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                              SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\da\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):883
                                                                                              Entropy (8bit):4.5096240460083905
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                              MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                              SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                              SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                              SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\de\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1031
                                                                                              Entropy (8bit):4.621865814402898
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                              MD5:D116453277CC860D196887CEC6432FFE
                                                                                              SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                              SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                              SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\el\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1613
                                                                                              Entropy (8bit):4.618182455684241
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                              MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                              SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                              SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                              SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\en\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):851
                                                                                              Entropy (8bit):4.4858053753176526
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                              MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                              SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                              SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                              SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):851
                                                                                              Entropy (8bit):4.4858053753176526
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                              MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                              SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                              SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                              SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):848
                                                                                              Entropy (8bit):4.494568170878587
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                              MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                              SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                              SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                              SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\en_US\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1425
                                                                                              Entropy (8bit):4.461560329690825
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                              MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                              SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                              SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                              SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                              Malicious:false
                                                                                              Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\es\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):961
                                                                                              Entropy (8bit):4.537633413451255
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                              MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                              SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                              SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                              SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\es_419\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):959
                                                                                              Entropy (8bit):4.570019855018913
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                              MD5:535331F8FB98894877811B14994FEA9D
                                                                                              SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                              SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                              SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\et\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):968
                                                                                              Entropy (8bit):4.633956349931516
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                              MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                              SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                              SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                              SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\eu\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):838
                                                                                              Entropy (8bit):4.4975520913636595
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                              MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                              SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                              SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                              SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\fa\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1305
                                                                                              Entropy (8bit):4.673517697192589
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                              MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                              SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                              SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                              SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\fi\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):911
                                                                                              Entropy (8bit):4.6294343834070935
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                              MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                              SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                              SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                              SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\fil\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):939
                                                                                              Entropy (8bit):4.451724169062555
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                              MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                              SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                              SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                              SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\fr\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):977
                                                                                              Entropy (8bit):4.622066056638277
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                              MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                              SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                              SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                              SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):972
                                                                                              Entropy (8bit):4.621319511196614
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                              MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                              SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                              SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                              SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\gl\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):990
                                                                                              Entropy (8bit):4.497202347098541
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                              MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                              SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                              SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                              SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\gu\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1658
                                                                                              Entropy (8bit):4.294833932445159
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                              MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                              SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                              SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                              SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\hi\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1672
                                                                                              Entropy (8bit):4.314484457325167
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                              MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                              SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                              SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                              SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\hr\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):935
                                                                                              Entropy (8bit):4.6369398601609735
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                              MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                              SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                              SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                              SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\hu\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1065
                                                                                              Entropy (8bit):4.816501737523951
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                              MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                              SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                              SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                              SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\hy\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2771
                                                                                              Entropy (8bit):3.7629875118570055
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                              MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                              SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                              SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                              SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\id\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):858
                                                                                              Entropy (8bit):4.474411340525479
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                              MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                              SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                              SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                              SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\is\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):954
                                                                                              Entropy (8bit):4.631887382471946
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:YGXU2rOcxGe+J97f9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95MwP9KkJ+je:YwBrD2J2DBLMfFuWvdpY94vioO+uh
                                                                                              MD5:1F565FB1C549B18AF8BBFED8DECD5D94
                                                                                              SHA1:B57F4BDAE06FF3DFC1EB3E56B6F2F204D6F63638
                                                                                              SHA-256:E16325D1A641EF7421F2BAFCD6433D53543C89D498DD96419B03CBA60B9C7D60
                                                                                              SHA-512:A60B8E042A9BCDCC136B87948E9924A0B24D67C6CA9803904B876F162A0AD82B9619F1316BE9FF107DD143B44F7E6F5DF604ABFE00818DEB40A7D62917CDA69F
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\it\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):899
                                                                                              Entropy (8bit):4.474743599345443
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                              MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                              SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                              SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                              SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\iw\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2230
                                                                                              Entropy (8bit):3.8239097369647634
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                              MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                              SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                              SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                              SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ja\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1160
                                                                                              Entropy (8bit):5.292894989863142
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                              MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                              SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                              SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                              SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ka\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):3264
                                                                                              Entropy (8bit):3.586016059431306
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                              MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                              SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                              SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                              SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\kk\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):3235
                                                                                              Entropy (8bit):3.6081439490236464
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                              MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                              SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                              SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                              SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\km\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):3122
                                                                                              Entropy (8bit):3.891443295908904
                                                                                              Encrypted:false
                                                                                              SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                              MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                              SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                              SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                              SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\kn\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1880
                                                                                              Entropy (8bit):4.295185867329351
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/UGG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZZ
                                                                                              MD5:8E16966E815C3C274EEB8492B1EA6648
                                                                                              SHA1:7482ED9F1C9FD9F6F9BA91AB15921B19F64C9687
                                                                                              SHA-256:418FF53FCA505D54268413C796E4DF80E947A09F399AB222A90B81E93113D5B5
                                                                                              SHA-512:85B28202E874B1CF45B37BA05B87B3D8D6FE38E89C6011C4240CF6B563EA6DA60181D712CCE20D07C364F4A266A4EC90C4934CC8B7BB2013CB3B22D755796E38
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ko\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1042
                                                                                              Entropy (8bit):5.3945675025513955
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                              MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                              SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                              SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                              SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\lo\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2535
                                                                                              Entropy (8bit):3.8479764584971368
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                              MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                              SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                              SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                              SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\lt\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1028
                                                                                              Entropy (8bit):4.797571191712988
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                              MD5:970544AB4622701FFDF66DC556847652
                                                                                              SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                              SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                              SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\lv\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):994
                                                                                              Entropy (8bit):4.700308832360794
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                              MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                              SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                              SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                              SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ml\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2091
                                                                                              Entropy (8bit):4.358252286391144
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                              MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                              SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                              SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                              SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\mn\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2778
                                                                                              Entropy (8bit):3.595196082412897
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                              MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                              SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                              SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                              SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\mr\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1719
                                                                                              Entropy (8bit):4.287702203591075
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                              MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                              SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                              SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                              SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ms\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):936
                                                                                              Entropy (8bit):4.457879437756106
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                              MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                              SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                              SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                              SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\my\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):3830
                                                                                              Entropy (8bit):3.5483353063347587
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                              MD5:342335A22F1886B8BC92008597326B24
                                                                                              SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                              SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                              SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ne\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1898
                                                                                              Entropy (8bit):4.187050294267571
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                              MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                              SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                              SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                              SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\nl\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):914
                                                                                              Entropy (8bit):4.513485418448461
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                              MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                              SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                              SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                              SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\no\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):878
                                                                                              Entropy (8bit):4.4541485835627475
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                              MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                              SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                              SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                              SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\pa\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2766
                                                                                              Entropy (8bit):3.839730779948262
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                              MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                              SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                              SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                              SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\pl\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):978
                                                                                              Entropy (8bit):4.879137540019932
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                              MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                              SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                              SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                              SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):907
                                                                                              Entropy (8bit):4.599411354657937
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                              MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                              SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                              SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                              SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):914
                                                                                              Entropy (8bit):4.604761241355716
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                              MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                              SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                              SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                              SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ro\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):937
                                                                                              Entropy (8bit):4.686555713975264
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                              MD5:BED8332AB788098D276B448EC2B33351
                                                                                              SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                              SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                              SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ru\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1337
                                                                                              Entropy (8bit):4.69531415794894
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                              MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                              SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                              SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                              SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\si\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2846
                                                                                              Entropy (8bit):3.7416822879702547
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                              MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                              SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                              SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                              SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\sk\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):934
                                                                                              Entropy (8bit):4.882122893545996
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                              MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                              SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                              SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                              SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\sl\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):963
                                                                                              Entropy (8bit):4.6041913416245
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                              MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                              SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                              SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                              SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\sr\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1320
                                                                                              Entropy (8bit):4.569671329405572
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                              MD5:7F5F8933D2D078618496C67526A2B066
                                                                                              SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                              SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                              SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\sv\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):884
                                                                                              Entropy (8bit):4.627108704340797
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                              MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                              SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                              SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                              SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\sw\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):980
                                                                                              Entropy (8bit):4.50673686618174
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                              MD5:D0579209686889E079D87C23817EDDD5
                                                                                              SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                              SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                              SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ta\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1941
                                                                                              Entropy (8bit):4.132139619026436
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                              MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                              SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                              SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                              SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\te\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1969
                                                                                              Entropy (8bit):4.327258153043599
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                              MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                              SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                              SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                              SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\th\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1674
                                                                                              Entropy (8bit):4.343724179386811
                                                                                              Encrypted:false
                                                                                              SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                              MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                              SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                              SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                              SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\tr\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1063
                                                                                              Entropy (8bit):4.853399816115876
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                              MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                              SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                              SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                              SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\uk\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1333
                                                                                              Entropy (8bit):4.686760246306605
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                              MD5:970963C25C2CEF16BB6F60952E103105
                                                                                              SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                              SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                              SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\ur\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1263
                                                                                              Entropy (8bit):4.861856182762435
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                              MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                              SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                              SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                              SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\vi\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1074
                                                                                              Entropy (8bit):5.062722522759407
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                              MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                              SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                              SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                              SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):879
                                                                                              Entropy (8bit):5.7905809868505544
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                              MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                              SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                              SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                              SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):1205
                                                                                              Entropy (8bit):4.50367724745418
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                              MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                              SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                              SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                              SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):843
                                                                                              Entropy (8bit):5.76581227215314
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                              MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                              SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                              SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                              SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                              Malicious:false
                                                                                              Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_locales\zu\messages.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):912
                                                                                              Entropy (8bit):4.65963951143349
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                              MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                              SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                              SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                              SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                              Malicious:false
                                                                                              Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\_metadata\verified_contents.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):11280
                                                                                              Entropy (8bit):5.754230909218899
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsN9Jtwg1MK8HNnswuHEIIMuuqd7CKqv+pccW5SJ+:m8IGIEu8RfW+
                                                                                              MD5:BE5DB35513DDEF454CE3502B6418B9B4
                                                                                              SHA1:C82B23A82F745705AA6BCBBEFEB6CE3DBCC71CB1
                                                                                              SHA-256:C6F623BE1112C2FDE6BE8941848A82B2292FCD2B475FBD363CC2FD4DF25049B5
                                                                                              SHA-512:38C48E67631FAF0594D44525423C6EDC08F5A65F04288F0569B7CF8C71C359924069212462B0A2BFA38356F93708143EE1CBD42295D7317E8670D0A0CD10BAFD
                                                                                              Malicious:false
                                                                                              Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\dasherSettingSchema.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):854
                                                                                              Entropy (8bit):4.284628987131403
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                              MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                              SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                              SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                              SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                              Malicious:false
                                                                                              Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\manifest.json

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):2525
                                                                                              Entropy (8bit):5.417689528134667
                                                                                              Encrypted:false
                                                                                              SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1e9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APegiVb
                                                                                              MD5:10FF8E5B674311683D27CE1879384954
                                                                                              SHA1:9C269C14E067BB86642EB9F4816D75CF1B9B9158
                                                                                              SHA-256:17363162A321625358255EE939F447E9363FF2284BD35AE15470FD5318132CA9
                                                                                              SHA-512:4D3EB89D398A595FEA8B59AC6269A57CC96C4A0E5A5DB8C5FE70AB762E8144A5DF9AFC8756CA2E798E50778CD817CC9B0826FC2942DE31397E858DBFA1B06830
                                                                                              Malicious:false
                                                                                              Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\offscreendocument.html

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:HTML document, ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):97
                                                                                              Entropy (8bit):4.862433271815736
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                              MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                              SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                              SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                              SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                              Malicious:false
                                                                                              Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\offscreendocument_main.js

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with very long lines (4369)
                                                                                              Category:dropped
                                                                                              Size (bytes):95567
                                                                                              Entropy (8bit):5.4016395763198135
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:Ftd/mjDC/Hass/jCKLwPOPO2MCeYHxU2/NjAGHChg3JOzZ8:YfjCKdHm2/NbHCIJo8
                                                                                              MD5:09AF2D8CFA8BF1078101DA78D09C4174
                                                                                              SHA1:F2369551E2CDD86258062BEB0729EE4D93FCA050
                                                                                              SHA-256:39D113C44D45AE3609B9509ED099680CC5FCEF182FD9745B303A76E164D8BCEC
                                                                                              SHA-512:F791434B053FA2A5B731C60F22A4579F19FE741134EF0146E8BAC7DECAC78DE65915B3188093DBBE00F389A7F15B80172053FABB64E636DD4A945DBE3C2CF2E6
                                                                                              Malicious:false
                                                                                              Preview:'use strict';function aa(){return function(){}}function l(a){return function(){return this[a]}}var n;function ba(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ca="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=da(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ca(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\page_embed_script.js

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):291
                                                                                              Entropy (8bit):4.65176400421739
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                              MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                              SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                              SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                              SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                              Malicious:false
                                                                                              Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir5948_881351672\CRX_INSTALL\service_worker_bin_prod.js

                                                                                              Download File
                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              File Type:ASCII text, with very long lines (4369)
                                                                                              Category:dropped
                                                                                              Size (bytes):103988
                                                                                              Entropy (8bit):5.389407461078688
                                                                                              Encrypted:false
                                                                                              SSDEEP:1536:oXWJmOMsz9UqqRtjWLqj74SJf2VsxJ5BGOzr61SfwKmWGMJOaAFlObQ/x0BGm:yRqr6v3JnVzr6wwfMtkFSYm
                                                                                              MD5:EA946F110850F17E637B15CF22B82837
                                                                                              SHA1:8D27C963E76E3D2F5B8634EE66706F95F000FCAF
                                                                                              SHA-256:029DFE87536E8907A612900B26EEAA72C63EDF28458A7227B295AE6D4E2BD94C
                                                                                              SHA-512:5E8E61E648740FEF2E89A035A4349B2E4E5E4E88150EE1BDA9D4AD8D75827DC67C1C95A2CA41DF5B89DE8F575714E1A4D23BDE2DC3CF21D55DB3A39907B8F820
                                                                                              Malicious:false
                                                                                              Preview:'use strict';function k(){return function(){}}function n(a){return function(){return this[a]}}var q;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function da(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var r=da(this);function t(a,b){if(b)a:{var c=r;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,g

                                                                                              C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                              Category:dropped
                                                                                              Size (bytes):453023
                                                                                              Entropy (8bit):7.997718157581587
                                                                                              Encrypted:true
                                                                                              SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                              MD5:85430BAED3398695717B0263807CF97C
                                                                                              SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                              SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                              SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                              Malicious:false
                                                                                              Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):24
                                                                                              Entropy (8bit):3.91829583405449
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                              MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                              SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                              SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                              SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                              Malicious:false
                                                                                              Preview:{"schema":6,"addons":[]}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):24
                                                                                              Entropy (8bit):3.91829583405449
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                              MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                              SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                              SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                              SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                              Malicious:false
                                                                                              Preview:{"schema":6,"addons":[]}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4 (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                              Category:dropped
                                                                                              Size (bytes):66
                                                                                              Entropy (8bit):4.837595020998689
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                              MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                              SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                              SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                              SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                              Malicious:false
                                                                                              Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                              Category:dropped
                                                                                              Size (bytes):66
                                                                                              Entropy (8bit):4.837595020998689
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                              MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                              SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                              SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                              SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                              Malicious:false
                                                                                              Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):36830
                                                                                              Entropy (8bit):5.1867463390487
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                              MD5:98875950B62B398FFE70C0A8D0998017
                                                                                              SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                              SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                              SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                              Malicious:false
                                                                                              Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):36830
                                                                                              Entropy (8bit):5.1867463390487
                                                                                              Encrypted:false
                                                                                              SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                              MD5:98875950B62B398FFE70C0A8D0998017
                                                                                              SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                              SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                              SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                              Malicious:false
                                                                                              Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                              Category:dropped
                                                                                              Size (bytes):1021904
                                                                                              Entropy (8bit):6.648417932394748
                                                                                              Encrypted:false
                                                                                              SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                              MD5:FE3355639648C417E8307C6D051E3E37
                                                                                              SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                              SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                              SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                              Malicious:false
                                                                                              Antivirus:
                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                              Joe Sandbox View:
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                              Category:dropped
                                                                                              Size (bytes):1021904
                                                                                              Entropy (8bit):6.648417932394748
                                                                                              Encrypted:false
                                                                                              SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                              MD5:FE3355639648C417E8307C6D051E3E37
                                                                                              SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                              SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                              SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                              Malicious:false
                                                                                              Antivirus:
                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                              Joe Sandbox View:
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):116
                                                                                              Entropy (8bit):4.968220104601006
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                              MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                              SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                              SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                              SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                              Malicious:false
                                                                                              Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:ASCII text
                                                                                              Category:dropped
                                                                                              Size (bytes):116
                                                                                              Entropy (8bit):4.968220104601006
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                              MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                              SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                              SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                              SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                              Malicious:false
                                                                                              Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs-1.js

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):11225
                                                                                              Entropy (8bit):5.510774197254429
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:2+nPOeRnHYbBp6RJ0aX+36SEXKKKkHWNBw8rFSl:XPegJUq7PHEwY0
                                                                                              MD5:6D0077E3C6C613A565E6A6407958CF57
                                                                                              SHA1:51CD1C5A590DAEE4FA5F05F51BAC695B01C4D8E9
                                                                                              SHA-256:01B9E969136F854284796F5FA86FF6B1F1B6D3241F1EC94B3C06E7068700356A
                                                                                              SHA-512:EDAD87784143763451968A4D8B61784CAA027A4707E6C2C8DED6C00C10955175CD486F2767BDF51B5F2A5C404EA56C855C4E155AFF449B48FC9C4D6BFB881011
                                                                                              Malicious:false
                                                                                              Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 1);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1725546203);..user_pref("app.update.lastUpdateTime.background-update-timer", 1725546203);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696426836);..u

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                              Category:dropped
                                                                                              Size (bytes):11225
                                                                                              Entropy (8bit):5.510774197254429
                                                                                              Encrypted:false
                                                                                              SSDEEP:192:2+nPOeRnHYbBp6RJ0aX+36SEXKKKkHWNBw8rFSl:XPegJUq7PHEwY0
                                                                                              MD5:6D0077E3C6C613A565E6A6407958CF57
                                                                                              SHA1:51CD1C5A590DAEE4FA5F05F51BAC695B01C4D8E9
                                                                                              SHA-256:01B9E969136F854284796F5FA86FF6B1F1B6D3241F1EC94B3C06E7068700356A
                                                                                              SHA-512:EDAD87784143763451968A4D8B61784CAA027A4707E6C2C8DED6C00C10955175CD486F2767BDF51B5F2A5C404EA56C855C4E155AFF449B48FC9C4D6BFB881011
                                                                                              Malicious:false
                                                                                              Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 1);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1725546203);..user_pref("app.update.lastUpdateTime.background-update-timer", 1725546203);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696426836);..u

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\49409584-9cbe-40a8-9057-948720249a2c (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):493
                                                                                              Entropy (8bit):4.957147243070369
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:YZFgm6ThhJeZZIVHlW8cOlZGV1AQIYzvZcyBuLZGAvxn:YH6ThhUTSlCOlZGV1AQIWZcy6ZXvx
                                                                                              MD5:08E8E884F5EEDAAFBA346F7B9534BD6C
                                                                                              SHA1:B3EDDE60994FF8BC8B93E7B3C1750CBEC46D0AEE
                                                                                              SHA-256:FFF496711D47A776115AE75C80CEA9C761372BF28484F6ACF1B9A4F43E6D951F
                                                                                              SHA-512:9F8C9BF5860911F4EDD03EB17F4657A14361CA659C5B194187FF98B77B2EFC5AF97F04700FC68E8C9253117567101CA545157DF49CD64311FBB57B98AE71ACDF
                                                                                              Malicious:false
                                                                                              Preview:{"type":"health","id":"49409584-9cbe-40a8-9057-948720249a2c","creationDate":"2024-09-05T14:23:55.175Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"os":{"name":"WINNT","version":"10.0"},"reason":"immediate","sendFailure":{"eUnreachable":1}},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95"}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\49409584-9cbe-40a8-9057-948720249a2c.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:modified
                                                                                              Size (bytes):493
                                                                                              Entropy (8bit):4.957147243070369
                                                                                              Encrypted:false
                                                                                              SSDEEP:12:YZFgm6ThhJeZZIVHlW8cOlZGV1AQIYzvZcyBuLZGAvxn:YH6ThhUTSlCOlZGV1AQIWZcy6ZXvx
                                                                                              MD5:08E8E884F5EEDAAFBA346F7B9534BD6C
                                                                                              SHA1:B3EDDE60994FF8BC8B93E7B3C1750CBEC46D0AEE
                                                                                              SHA-256:FFF496711D47A776115AE75C80CEA9C761372BF28484F6ACF1B9A4F43E6D951F
                                                                                              SHA-512:9F8C9BF5860911F4EDD03EB17F4657A14361CA659C5B194187FF98B77B2EFC5AF97F04700FC68E8C9253117567101CA545157DF49CD64311FBB57B98AE71ACDF
                                                                                              Malicious:false
                                                                                              Preview:{"type":"health","id":"49409584-9cbe-40a8-9057-948720249a2c","creationDate":"2024-09-05T14:23:55.175Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"os":{"name":"WINNT","version":"10.0"},"reason":"immediate","sendFailure":{"eUnreachable":1}},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95"}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):53
                                                                                              Entropy (8bit):4.136624295551173
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AY:Y9KQOy6Lb1BA+9
                                                                                              MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
                                                                                              SHA1:B43BC4B3EA206A02EF8F63D5BFAD0C96BF2A3B2A
                                                                                              SHA-256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
                                                                                              SHA-512:076EE83534F42563046D25086166F82E1A3EC61840C113AEC67ABE2D8195DAA247D827D0C54E7E8F8A1BBF2D082A3763577587E84342EC160FF97905243E6D19
                                                                                              Malicious:false
                                                                                              Preview:{"profile-after-change":true,"final-ui-startup":true}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:JSON data
                                                                                              Category:dropped
                                                                                              Size (bytes):53
                                                                                              Entropy (8bit):4.136624295551173
                                                                                              Encrypted:false
                                                                                              SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AY:Y9KQOy6Lb1BA+9
                                                                                              MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
                                                                                              SHA1:B43BC4B3EA206A02EF8F63D5BFAD0C96BF2A3B2A
                                                                                              SHA-256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
                                                                                              SHA-512:076EE83534F42563046D25086166F82E1A3EC61840C113AEC67ABE2D8195DAA247D827D0C54E7E8F8A1BBF2D082A3763577587E84342EC160FF97905243E6D19
                                                                                              Malicious:false
                                                                                              Preview:{"profile-after-change":true,"final-ui-startup":true}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:Mozilla lz4 compressed data, originally 301 bytes
                                                                                              Category:dropped
                                                                                              Size (bytes):271
                                                                                              Entropy (8bit):5.489723704860785
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:vXDvz2SzHs/udk+eDAWrZCMNRoGO/QqC5mcfnK3SIgCIPQvptVngNzdDdCQ:vLz2S+EWDDoWqC5mcPK341PQvpnmd9
                                                                                              MD5:13660CDF9B0FD3047533E898399967C4
                                                                                              SHA1:E608553550CCF81AD57EA29F2D9EC224BA2B833E
                                                                                              SHA-256:B9C82F633EF34D497F1E0C7A758808C463B412707B74B55CED0AD265E544B085
                                                                                              SHA-512:28B9870DE252BAF8D25ABFA06634AE1001086F74C1B3797C7BA0B6434F6903FB553439B626F7FE7D4AA621C64273730F4C35B6CE45E54319BDABCCEC52EF4B9A
                                                                                              Malicious:false
                                                                                              Preview:mozLz40.-.....{"version":["ses....restore",1],"windows":[{"tab....],"selected":0,"_closedT..d_lastC...&GroupCount":-1,"busy":false,"chromeFlags":2150633470}d..W..5":1j..........@":{"w...Update":1725546191358,"startTim...#72159,"recentCrashes":0},"global":{},"cookies":[]}

                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                              Download File
                                                                                              Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              File Type:Mozilla lz4 compressed data, originally 301 bytes
                                                                                              Category:dropped
                                                                                              Size (bytes):271
                                                                                              Entropy (8bit):5.489723704860785
                                                                                              Encrypted:false
                                                                                              SSDEEP:6:vXDvz2SzHs/udk+eDAWrZCMNRoGO/QqC5mcfnK3SIgCIPQvptVngNzdDdCQ:vLz2S+EWDDoWqC5mcPK341PQvpnmd9
                                                                                              MD5:13660CDF9B0FD3047533E898399967C4
                                                                                              SHA1:E608553550CCF81AD57EA29F2D9EC224BA2B833E
                                                                                              SHA-256:B9C82F633EF34D497F1E0C7A758808C463B412707B74B55CED0AD265E544B085
                                                                                              SHA-512:28B9870DE252BAF8D25ABFA06634AE1001086F74C1B3797C7BA0B6434F6903FB553439B626F7FE7D4AA621C64273730F4C35B6CE45E54319BDABCCEC52EF4B9A
                                                                                              Malicious:false
                                                                                              Preview:mozLz40.-.....{"version":["ses....restore",1],"windows":[{"tab....],"selected":0,"_closedT..d_lastC...&GroupCount":-1,"busy":false,"chromeFlags":2150633470}d..W..5":1j..........@":{"w...Update":1725546191358,"startTim...#72159,"recentCrashes":0},"global":{},"cookies":[]}

                                                                                              Static File Info

                                                                                              General

                                                                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                              Entropy (8bit):6.579609417653527
                                                                                              TrID:
                                                                                              • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                              • DOS Executable Generic (2002/1) 0.02%
                                                                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                              File name:file.exe
                                                                                              File size:917'504 bytes
                                                                                              MD5:9174e680d1b0ea8cdb3ee932ec2dfc6f
                                                                                              SHA1:49ba7df579d1b30e9c4474ba6733748614ab5c68
                                                                                              SHA256:136d5473ded4b9a2bef3ef6160a377c0965b4e7292fb81980219ef8cc7d96cfd
                                                                                              SHA512:de67a3bbe4a4ebe5bce9e039d9a111ad65885baeb0a8da3412bf8694d1bbfddf39d2175478e69ae36395d5f550c457c899582d7388c0c1a39c0094c3de1f1d0a
                                                                                              SSDEEP:12288:UqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgarTP:UqDEvCTbMWu7rQYlBQcBiT6rprG8avP
                                                                                              TLSH:5F159E0273D1C062FF9B92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3
                                                                                              File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                              File Icon

                                                                                              Icon Hash:aaf3e3e3938382a0

                                                                                              Static PE Info

                                                                                              General

                                                                                              Entrypoint:0x420577
                                                                                              Entrypoint Section:.text
                                                                                              Digitally signed:false
                                                                                              Imagebase:0x400000
                                                                                              Subsystem:windows gui
                                                                                              Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                              DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                              Time Stamp:0x66D9A2D9 [Thu Sep 5 12:23:53 2024 UTC]
                                                                                              TLS Callbacks:
                                                                                              CLR (.Net) Version:
                                                                                              OS Version Major:5
                                                                                              OS Version Minor:1
                                                                                              File Version Major:5
                                                                                              File Version Minor:1
                                                                                              Subsystem Version Major:5
                                                                                              Subsystem Version Minor:1
                                                                                              Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                              Entrypoint Preview

                                                                                              Instruction
                                                                                              call 00007F7CD4552373h
                                                                                              jmp 00007F7CD4551C7Fh
                                                                                              push ebp
                                                                                              mov ebp, esp
                                                                                              push esi
                                                                                              push dword ptr [ebp+08h]
                                                                                              mov esi, ecx
                                                                                              call 00007F7CD4551E5Dh
                                                                                              mov dword ptr [esi], 0049FDF0h
                                                                                              mov eax, esi
                                                                                              pop esi
                                                                                              pop ebp
                                                                                              retn 0004h
                                                                                              and dword ptr [ecx+04h], 00000000h
                                                                                              mov eax, ecx
                                                                                              and dword ptr [ecx+08h], 00000000h
                                                                                              mov dword ptr [ecx+04h], 0049FDF8h
                                                                                              mov dword ptr [ecx], 0049FDF0h
                                                                                              ret
                                                                                              push ebp
                                                                                              mov ebp, esp
                                                                                              push esi
                                                                                              push dword ptr [ebp+08h]
                                                                                              mov esi, ecx
                                                                                              call 00007F7CD4551E2Ah
                                                                                              mov dword ptr [esi], 0049FE0Ch
                                                                                              mov eax, esi
                                                                                              pop esi
                                                                                              pop ebp
                                                                                              retn 0004h
                                                                                              and dword ptr [ecx+04h], 00000000h
                                                                                              mov eax, ecx
                                                                                              and dword ptr [ecx+08h], 00000000h
                                                                                              mov dword ptr [ecx+04h], 0049FE14h
                                                                                              mov dword ptr [ecx], 0049FE0Ch
                                                                                              ret
                                                                                              push ebp
                                                                                              mov ebp, esp
                                                                                              push esi
                                                                                              mov esi, ecx
                                                                                              lea eax, dword ptr [esi+04h]
                                                                                              mov dword ptr [esi], 0049FDD0h
                                                                                              and dword ptr [eax], 00000000h
                                                                                              and dword ptr [eax+04h], 00000000h
                                                                                              push eax
                                                                                              mov eax, dword ptr [ebp+08h]
                                                                                              add eax, 04h
                                                                                              push eax
                                                                                              call 00007F7CD4554A1Dh
                                                                                              pop ecx
                                                                                              pop ecx
                                                                                              mov eax, esi
                                                                                              pop esi
                                                                                              pop ebp
                                                                                              retn 0004h
                                                                                              lea eax, dword ptr [ecx+04h]
                                                                                              mov dword ptr [ecx], 0049FDD0h
                                                                                              push eax
                                                                                              call 00007F7CD4554A68h
                                                                                              pop ecx
                                                                                              ret
                                                                                              push ebp
                                                                                              mov ebp, esp
                                                                                              push esi
                                                                                              mov esi, ecx
                                                                                              lea eax, dword ptr [esi+04h]
                                                                                              mov dword ptr [esi], 0049FDD0h
                                                                                              push eax
                                                                                              call 00007F7CD4554A51h
                                                                                              test byte ptr [ebp+08h], 00000001h
                                                                                              pop ecx

                                                                                              Rich Headers

                                                                                              Programming Language:
                                                                                              • [ C ] VS2008 SP1 build 30729
                                                                                              • [IMP] VS2008 SP1 build 30729

                                                                                              Data Directories

                                                                                              NameVirtual AddressVirtual Size Is in Section
                                                                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x9500.rsrc
                                                                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0xde0000x7594.reloc
                                                                                              IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                              Sections

                                                                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                              .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                              .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                              .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                              .rsrc0xd40000x95000x96000b86bf93844112ec489d12613fc5404fFalse0.28125data5.161452615375526IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                              .reloc0xde0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                              Resources

                                                                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                              RT_ICON0xd45a80x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                              RT_ICON0xd46d00x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                              RT_ICON0xd47f80x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                              RT_ICON0xd49200x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                              RT_ICON0xd4c080x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                              RT_ICON0xd4d300xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                              RT_ICON0xd5bd80x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                              RT_ICON0xd64800x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                              RT_ICON0xd69e80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                              RT_ICON0xd8f900x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                              RT_ICON0xda0380x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                              RT_MENU0xda4a00x50dataEnglishGreat Britain0.9
                                                                                              RT_STRING0xda4f00x594dataEnglishGreat Britain0.3333333333333333
                                                                                              RT_STRING0xdaa840x68adataEnglishGreat Britain0.2735961768219833
                                                                                              RT_STRING0xdb1100x490dataEnglishGreat Britain0.3715753424657534
                                                                                              RT_STRING0xdb5a00x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                              RT_STRING0xdbb9c0x65cdataEnglishGreat Britain0.34336609336609336
                                                                                              RT_STRING0xdc1f80x466dataEnglishGreat Britain0.3605683836589698
                                                                                              RT_STRING0xdc6600x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                              RT_RCDATA0xdc7b80x7c6data1.0055276381909548
                                                                                              RT_GROUP_ICON0xdcf800x76dataEnglishGreat Britain0.6610169491525424
                                                                                              RT_GROUP_ICON0xdcff80x14dataEnglishGreat Britain1.25
                                                                                              RT_GROUP_ICON0xdd00c0x14dataEnglishGreat Britain1.15
                                                                                              RT_GROUP_ICON0xdd0200x14dataEnglishGreat Britain1.25
                                                                                              RT_VERSION0xdd0340xdcdataEnglishGreat Britain0.6181818181818182
                                                                                              RT_MANIFEST0xdd1100x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                              Imports

                                                                                              DLLImport
                                                                                              WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                              VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                              WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                              COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                              MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                              WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                              PSAPI.DLLGetProcessMemoryInfo
                                                                                              IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                              USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                              UxTheme.dllIsThemeActive
                                                                                              KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                              USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                              GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                              COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                              ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                              SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                              ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                              OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                              Possible Origin

                                                                                              Language of compilation systemCountry where language is spokenMap
                                                                                              EnglishGreat Britain

                                                                                              Network Behavior

                                                                                              Network Port Distribution

                                                                                              TCP Packets

                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                              Sep 5, 2024 14:31:10.583182096 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:10.583219051 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:10.583563089 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:10.583852053 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:10.583868027 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:10.794188023 CEST49675443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:10.794188023 CEST49674443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:10.898035049 CEST49673443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:11.380575895 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.508107901 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.569082022 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.569104910 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.570683956 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.570708990 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.570750952 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.620259047 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.620403051 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.620820045 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.620831013 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.705738068 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.791856050 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.791958094 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.792010069 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.896100044 CEST49714443192.168.2.594.245.104.56
                                                                                              Sep 5, 2024 14:31:11.896128893 CEST4434971494.245.104.56192.168.2.5
                                                                                              Sep 5, 2024 14:31:12.482162952 CEST4434970323.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:12.482331038 CEST49703443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:13.557742119 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:13.557777882 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:13.557960033 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:13.558186054 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:13.558202028 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.192658901 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.207184076 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.207209110 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.207958937 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.207981110 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.208055019 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.208062887 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.208144903 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.208832979 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.237761021 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.237890005 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.237900019 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.237972021 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.397566080 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.397593021 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.454679966 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.454838037 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.454859972 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.457503080 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.457596064 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.457612038 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.463804960 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.463897943 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.463915110 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.470040083 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.470097065 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.470113039 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.476246119 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.476310968 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.476325035 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.482500076 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.482589006 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.482600927 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.489207029 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.489383936 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.489403963 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.495079041 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.495160103 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.495174885 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.541251898 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.541310072 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.541326046 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.543312073 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.543366909 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.543380022 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.549628019 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.549676895 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.549693108 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.555990934 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.556046963 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.556063890 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.571882963 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.571948051 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.571993113 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.571995974 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.572010040 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.572062969 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.575330973 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.575373888 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.575382948 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.581020117 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.581295967 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.581306934 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.587140083 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.587248087 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.587255955 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.593018055 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.593199015 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.593208075 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.598382950 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.598634005 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.598642111 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.603907108 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.604468107 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.604476929 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.609343052 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.609427929 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.609433889 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.616348028 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.616446972 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.616453886 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.621040106 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.621253967 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.621259928 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.625389099 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.625454903 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.625463009 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.630909920 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.631567955 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.631593943 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.634768009 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.634823084 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.634830952 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.638823986 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.638885021 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.638894081 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.642405987 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.642528057 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.642537117 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.645889044 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.646132946 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.646140099 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.649498940 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.649705887 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.649713039 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.652851105 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.652945042 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.652950048 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.656414986 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.656505108 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.656512022 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.659782887 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.660216093 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.660228968 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.663358927 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.663481951 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.663499117 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.666749954 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.666965961 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.666982889 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.670279980 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.670372963 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.670388937 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.673818111 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.674043894 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.674057007 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.677201986 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.677262068 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.677268028 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.682090044 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.682178020 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.682184935 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.684011936 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.684075117 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.684082031 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.687458992 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.687521935 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.687529087 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.691111088 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.691200018 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.691205978 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.694437981 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.694483995 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.694492102 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.698180914 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.698337078 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.698343039 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.701132059 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.701196909 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.701203108 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.704567909 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.704695940 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.704709053 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.707892895 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.707977057 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.707983017 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.711132050 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.711163044 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.711218119 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.711226940 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.711289883 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.714004040 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.716895103 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.716960907 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.716969013 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.717323065 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.717367887 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:14.717375994 CEST44349720142.250.185.65192.168.2.5
                                                                                              Sep 5, 2024 14:31:14.717483044 CEST49720443192.168.2.5142.250.185.65
                                                                                              Sep 5, 2024 14:31:15.214443922 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.214477062 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.214596033 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.215234995 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.215275049 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.215317011 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.215496063 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.215509892 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.215616941 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.215631962 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.340758085 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.340787888 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.341016054 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.341562986 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.341582060 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.629796982 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:15.629839897 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.629899025 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:15.637854099 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:15.637872934 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.638279915 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:15.638314962 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.638390064 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:15.645392895 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:15.645411968 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.697815895 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.698839903 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.698909998 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.698935986 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.699079037 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.699109077 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.700225115 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.700273037 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.700292110 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.700365067 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.704241991 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.704406977 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.704457045 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.704716921 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.704843044 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.704863071 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.744507074 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.813493013 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.813829899 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.814090014 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.820811033 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.820827961 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.821113110 CEST49725443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.821154118 CEST44349725172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.822057009 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.822129965 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.827052116 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.827153921 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.827821016 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.827832937 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.829782963 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.829868078 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.832742929 CEST49727443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:15.832762003 CEST44349727172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.937742949 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.937843084 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.938136101 CEST49729443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:31:15.938155890 CEST44349729162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.196367025 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.196367025 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.196407080 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.196419001 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.196494102 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.196494102 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.199877024 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.199877024 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.199896097 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.199911118 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.281498909 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.281755924 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.307473898 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.307504892 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.307919025 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.410270929 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.410532951 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:16.507179022 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.540498972 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.588501930 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.607739925 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:16.607780933 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.612099886 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:16.629597902 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:16.629626036 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.661595106 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.666373968 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.666389942 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.666805983 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.681288004 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.681410074 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.682003021 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.683361053 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.683391094 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.683861971 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.684869051 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.684983015 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.722296000 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.722407103 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.723488092 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.734225988 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.734225988 CEST49732443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:16.734251022 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.734261036 CEST443497322.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.807010889 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.896505117 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.896564007 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.910496950 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.032891989 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:17.032938957 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.033452034 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:17.035005093 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:17.035022974 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.090651989 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.091993093 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:17.124769926 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:17.124800920 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.125116110 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.125375986 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:17.125386953 CEST4434974235.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.126584053 CEST49742443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:17.157303095 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:17.164331913 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.165246010 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:17.171943903 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:17.176845074 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.246728897 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.246762991 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.246866941 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.247035027 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.247051001 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.621196985 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.660783052 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.666009903 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:17.712883949 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.712930918 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.726293087 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.726826906 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.726839066 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.740195036 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.742387056 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.742414951 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.742990971 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.743717909 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.748502016 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.757172108 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.762583017 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.762790918 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.762936115 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.802629948 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:17.803750992 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.803791046 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.804510117 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.816081047 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.817653894 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:17.817670107 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.864689112 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.864734888 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.864825964 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.864834070 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.873503923 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.873620033 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.873802900 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.873821020 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.873934984 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:17.873944044 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.889383078 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:17.889409065 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.889825106 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.916753054 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.916800022 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.916831970 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.916857958 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.916882992 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.918284893 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.923646927 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.923681021 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.923691988 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.938546896 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:17.995086908 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:18.009924889 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.009979963 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010009050 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010035992 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010080099 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010108948 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010135889 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010185003 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010209084 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010272980 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010967970 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.010998011 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:18.018614054 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:18.091922998 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:18.100070000 CEST49746443192.168.2.5142.251.40.174
                                                                                              Sep 5, 2024 14:31:18.100106001 CEST44349746142.251.40.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.132503033 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.273905039 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.274002075 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.277359009 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:18.334635019 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.335428953 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380337000 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.380356073 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380424023 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.380429983 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380964041 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380979061 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380984068 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380987883 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.381697893 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.381719112 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.382715940 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.383953094 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.383953094 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.383964062 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.383974075 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.386688948 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.418952942 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.418976068 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.419420958 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.419559002 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.419599056 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.419670105 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.420103073 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.420149088 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.420166016 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.420351982 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.421673059 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.425559044 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:18.425585985 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.425611973 CEST49744443192.168.2.52.18.97.153
                                                                                              Sep 5, 2024 14:31:18.425617933 CEST443497442.18.97.153192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.427989006 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.428076982 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.429615021 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.429627895 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.464504957 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.464519024 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.493119955 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.505369902 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.505386114 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.506556988 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.506568909 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.507462978 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.507462978 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.507483959 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.507496119 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.510164022 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.510246992 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.510360003 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.533834934 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.533863068 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.533871889 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.533899069 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.533915997 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.533926964 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.537342072 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.537355900 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.537415028 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.537415028 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.542532921 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.542553902 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.552503109 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.555716991 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.555716991 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.558029890 CEST49750443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.558052063 CEST44349750142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.558607101 CEST49749443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.558613062 CEST44349749142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.695316076 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.695337057 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794636011 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794648886 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794687986 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794703960 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794715881 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.794728994 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.795274973 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.795289993 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.795330048 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.795337915 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.795345068 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801441908 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801476955 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801482916 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801500082 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801507950 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801515102 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801528931 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801533937 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801534891 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801548004 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801554918 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801559925 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801565886 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801569939 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801570892 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801570892 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801579952 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801588058 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801593065 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801601887 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.801628113 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801636934 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801645041 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801671028 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.801681995 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802846909 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802853107 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802876949 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802886009 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802889109 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.802900076 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.806087971 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.806102037 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.806123972 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.808331013 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.809904099 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.809930086 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.809951067 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.809967041 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.809981108 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.810318947 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.810326099 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.810338020 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.810348988 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.810367107 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.810374022 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.814402103 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.814456940 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.815500021 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.815521002 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.815532923 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.815562010 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.825330973 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.825351000 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.825362921 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.825381041 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.825400114 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.827322006 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.835920095 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.840918064 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.844880104 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.844955921 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.892780066 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.892807007 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.893098116 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.893177032 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.893707037 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.893724918 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.894382954 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.894401073 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.894799948 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.894881964 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.898293972 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.898344040 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.898463011 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.898479939 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.901201963 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.901218891 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.905903101 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.908431053 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.911125898 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:18.911143064 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.911545992 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.923582077 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.932456970 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.952436924 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.965713978 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.965729952 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.965857029 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.966336012 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.967674971 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.967705011 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.968024969 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.968034029 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.968882084 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.968960047 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.969155073 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.969183922 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.969279051 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.969291925 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.972572088 CEST49747443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:18.972594976 CEST4434974713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.977951050 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.977977037 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985168934 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985214949 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985691071 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985713005 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985841990 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.985861063 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.986030102 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.986078978 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.986124992 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.993058920 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.003947020 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.003977060 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.004015923 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.005996943 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.006138086 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.006138086 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.006156921 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.006211042 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.006237984 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.030725956 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.036856890 CEST49748443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.036871910 CEST4434974813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.081254005 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.081299067 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.081407070 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.082246065 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.082257986 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.115098953 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.115145922 CEST4434975513.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.129637003 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.145880938 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.145905018 CEST4434975513.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.261346102 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:19.266282082 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.267710924 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:19.268112898 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:19.272912025 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.348014116 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.348109961 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.353399038 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.359184980 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.359184980 CEST49733443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.359210014 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.359220982 CEST4434973340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.419465065 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.419512987 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.427119017 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.437134027 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.437793016 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.437818050 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.438280106 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.438294888 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.438718081 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.438750982 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.438756943 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.439013958 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.439049006 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.439210892 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.439258099 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.439506054 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.441370010 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.441411018 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.441575050 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.441582918 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.444498062 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.445123911 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445231915 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445241928 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.445242882 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445503950 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.445503950 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445677042 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445724010 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445735931 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.445873022 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445892096 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.445964098 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.445976019 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.446255922 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.446346998 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.446371078 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.446388960 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.446511030 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:19.446521044 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.458734989 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.461673975 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.461688995 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.462184906 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.462338924 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.462919950 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.463161945 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.463356018 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.463433027 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.491739988 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.491763115 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.529813051 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.529853106 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.530064106 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.530277967 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:19.530296087 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.545491934 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.556983948 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.557010889 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.558311939 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.559063911 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.560120106 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.560204983 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.560306072 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.604490995 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661253929 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661294937 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661341906 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661390066 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661453962 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.661458969 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.661547899 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.663858891 CEST49753443192.168.2.5142.251.35.164
                                                                                              Sep 5, 2024 14:31:19.663887024 CEST44349753142.251.35.164192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.672501087 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.679413080 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.692363024 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.722003937 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.844767094 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:20.078335047 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.080172062 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.081151962 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.081173897 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.081185102 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.081212044 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.081221104 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.081376076 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.081391096 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.081777096 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.082343102 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.082407951 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.082442045 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.082583904 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.082602024 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.082649946 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.082657099 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.083112955 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.083194971 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.083403111 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.083468914 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.083515882 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.083563089 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.110328913 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.110553980 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.111586094 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.111596107 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.111689091 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.111696005 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.112754107 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.112833977 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.112848997 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.113023996 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.113421917 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.113497972 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.113724947 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.113794088 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.113874912 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.113894939 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.126705885 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.126722097 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.128499031 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.128499031 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.156510115 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.160501003 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.179301977 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.179569006 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.179583073 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.180130959 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.180151939 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.180162907 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.180653095 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.181122065 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.182452917 CEST49761443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.182468891 CEST4434976113.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.182784081 CEST49766443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.182815075 CEST4434976613.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.183060884 CEST49759443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.183085918 CEST4434975913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.183294058 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.183315039 CEST4434976713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.183726072 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.183789968 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.185324907 CEST49766443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.185441971 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.185441971 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.185734034 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.185746908 CEST4434976713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.185853004 CEST49766443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.185864925 CEST4434976613.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.187728882 CEST49760443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.187736034 CEST4434976013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194225073 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.194274902 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.194314003 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194339037 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.194344997 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194366932 CEST49766443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.194431067 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.194467068 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.194506884 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.194546938 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194552898 CEST44349737172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194582939 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194600105 CEST44349738172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194765091 CEST44349752142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.194968939 CEST44349751142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.195070028 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.195086956 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.195190907 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.195202112 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.195344925 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.195350885 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.198149920 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.198163033 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.198184013 CEST49737443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.198184013 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.198184013 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.198204041 CEST49738443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.199937105 CEST49752443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.199950933 CEST49751443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:20.200007915 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.200007915 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.200351000 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.201275110 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.201286077 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.201380014 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.201400042 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.201491117 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.201505899 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.207600117 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.207617998 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.211703062 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:20.213807106 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.213866949 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.215851068 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.216741085 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.216804028 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.216901064 CEST49758443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.216912985 CEST4434975813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.218381882 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.219455957 CEST49762443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.219464064 CEST4434976213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.236504078 CEST4434976713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.236515045 CEST4434976613.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.238735914 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.238769054 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.238874912 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.239135027 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:20.239151001 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.240497112 CEST4434975513.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.294737101 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.295350075 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:20.295367956 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.296405077 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:20.296411037 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.296474934 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:20.296494961 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.304462910 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.015427113 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.015465975 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.015866995 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.018012047 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.018050909 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.018106937 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.168222904 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.171569109 CEST4434975513.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.171761990 CEST4434975513.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.172406912 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.172406912 CEST49755443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.176301003 CEST4434976713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.176415920 CEST4434976713.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.176551104 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.176582098 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.176644087 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.176644087 CEST49767443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.177808046 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.177932024 CEST4434976613.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.177964926 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.177995920 CEST49766443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.181792974 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.182228088 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.182619095 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.182917118 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.183048010 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.183137894 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.184134007 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.184149981 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.184348106 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.184364080 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.184495926 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.184503078 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.184546947 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.184933901 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.185003996 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.185194016 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.185480118 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.185841084 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.185965061 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.185969114 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.186302900 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.186381102 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.186793089 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.186894894 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.187280893 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.187313080 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.187410116 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.187510967 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.187553883 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.187813044 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.187829018 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.224512100 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.228498936 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.228509903 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.232496977 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.271127939 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.271218061 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.278714895 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.278798103 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.281517982 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.281519890 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.288213968 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.288499117 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.289038897 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.289061069 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.289778948 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.289861917 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.296277046 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.296308994 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.296407938 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.296441078 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.296485901 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.298242092 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.299329996 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.364901066 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.364938021 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.364950895 CEST49757443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:21.364959955 CEST4434975740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379440069 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379452944 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379488945 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379512072 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379519939 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.379529953 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381237984 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381246090 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381268978 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381277084 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381282091 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.381295919 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.382559061 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.397562027 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.397578001 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.401607037 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.469371080 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.469383955 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.469434977 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.469961882 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.469973087 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.470005035 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.470488071 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.470586061 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.471899033 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.475965977 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.496077061 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.591140032 CEST49772443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.591178894 CEST4434977213.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.591686010 CEST49770443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.591691971 CEST4434977013.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.591931105 CEST49769443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.591936111 CEST4434976913.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.607862949 CEST49768443192.168.2.513.107.246.40
                                                                                              Sep 5, 2024 14:31:21.607882977 CEST4434976813.107.246.40192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.767333031 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.770071983 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.770092964 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.771203995 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.771321058 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.772461891 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.772559881 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.772641897 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:21.816499949 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.980513096 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.992147923 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:22.064630032 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064693928 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064701080 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064743996 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064760923 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064771891 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.064781904 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:22.065351963 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:22.065936089 CEST49773443192.168.2.5152.195.19.97
                                                                                              Sep 5, 2024 14:31:22.065953016 CEST44349773152.195.19.97192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.074054003 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.074078083 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.074202061 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.075292110 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.075305939 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.478476048 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.478496075 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.478866100 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.478878021 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.482834101 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.482834101 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.483675957 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.483691931 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.483721018 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.483728886 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.639245987 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.639275074 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.639306068 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.639534950 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.639554977 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.639756918 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.640944958 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.640944958 CEST49763443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.640975952 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.640985966 CEST4434976340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.724602938 CEST49703443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:22.724725008 CEST49703443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:22.729497910 CEST4434970323.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.729513884 CEST4434970323.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.749260902 CEST49779443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:22.749310970 CEST4434977923.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.749713898 CEST49779443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:22.750843048 CEST49779443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:22.750855923 CEST4434977923.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.834125996 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.834188938 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.834260941 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.834453106 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:22.834470034 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.873691082 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.873764038 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.875622988 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.875636101 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.875929117 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.939258099 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:22.941450119 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.941797018 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.941808939 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.942173958 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.943350077 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.943432093 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.944236994 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.944451094 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.944459915 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.944818974 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.945302963 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.945358992 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.980499983 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.991647005 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.007114887 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.203275919 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203294039 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203301907 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203315020 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203322887 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203329086 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203381062 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:23.203397036 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.203493118 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:23.204163074 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.204257011 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.204497099 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:23.215260029 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:23.215295076 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.215308905 CEST49775443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:23.215315104 CEST4434977520.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.335907936 CEST4434977923.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.335989952 CEST49779443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:23.601669073 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.602189064 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:23.602209091 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.605645895 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:23.605655909 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.639961958 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:23.640002012 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.485416889 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.485443115 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.485481977 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.485629082 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.485852003 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.488684893 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.488709927 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.488722086 CEST49780443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.488728046 CEST4434978040.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.592783928 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.592797041 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:24.592899084 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.593086004 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:24.593096018 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.361942053 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.362896919 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.362917900 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.364715099 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.364721060 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.364842892 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.364856958 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.666667938 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.666692972 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.666739941 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.666857958 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.666857958 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.666871071 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.667068958 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.667267084 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.667370081 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.667370081 CEST49782443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.667383909 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.667395115 CEST4434978240.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.794701099 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.794751883 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:25.794846058 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.795006990 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:25.795018911 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:26.583285093 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:26.584242105 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:26.584280968 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:26.585016966 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:26.585026026 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:26.595160007 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:26.595180988 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.007636070 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.007652998 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.007725000 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.007796049 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.008133888 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.008152962 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.008162975 CEST49783443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.008168936 CEST4434978340.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.058501959 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.058536053 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.058846951 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.059114933 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.059120893 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.059139967 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.059163094 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.059372902 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.059828043 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:27.059839010 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.642324924 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:27.837179899 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.003557920 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.004308939 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.004329920 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.005744934 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.007709980 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.007725000 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.010086060 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.010093927 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.010113955 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.010122061 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.022200108 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.022200108 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.022212029 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.022228003 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379512072 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379528999 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379589081 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.379611969 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379626036 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379714012 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.379957914 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.379981995 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.379996061 CEST49784443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.380001068 CEST4434978440.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.872912884 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.872945070 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.872986078 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.873076916 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.873255014 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.873820066 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.873820066 CEST49785443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:28.873842955 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:28.873853922 CEST4434978540.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.003942966 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.003985882 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.004096985 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.004282951 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.004295111 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.728250980 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:29.733282089 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.783984900 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.784810066 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.784823895 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.785583019 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.785588980 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:29.785620928 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:29.785631895 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.134820938 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.134854078 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.134884119 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.134927034 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.134942055 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.134982109 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.135194063 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.135416031 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.135452986 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.135468006 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.135474920 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.136826038 CEST49786443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.136837006 CEST4434978640.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.233135939 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.233184099 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:30.236377954 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.236669064 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:30.236695051 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.464822054 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.466460943 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.466489077 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.467207909 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.467216969 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.467256069 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.467263937 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.791544914 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.791567087 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.791620970 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.791692972 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.794617891 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.795103073 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.795129061 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:31.795145035 CEST49787443192.168.2.540.126.31.69
                                                                                              Sep 5, 2024 14:31:31.795150995 CEST4434978740.126.31.69192.168.2.5
                                                                                              Sep 5, 2024 14:31:37.850349903 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:38.030441046 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:38.030523062 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:38.030685902 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:38.030745983 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:38.030807972 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:38.031094074 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:38.032438993 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:39.738941908 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:39.743835926 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:42.491916895 CEST4434977923.1.237.91192.168.2.5
                                                                                              Sep 5, 2024 14:31:42.492017031 CEST49779443192.168.2.523.1.237.91
                                                                                              Sep 5, 2024 14:31:45.331043005 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.331094980 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.331300020 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.331485987 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.331506968 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.332336903 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.332365036 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.332583904 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.332739115 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.332756042 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.364626884 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.364656925 CEST4434979035.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.364869118 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.366444111 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.366456985 CEST4434979035.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.652467966 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:45.652523041 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.652714014 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:45.669226885 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:45.669256926 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.795464993 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.795598030 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.798681974 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.798696041 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.799041986 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.800641060 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.800790071 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.800823927 CEST4434978935.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.800940037 CEST49789443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:45.801918983 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.801953077 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.806868076 CEST804975634.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.806946039 CEST4975680192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.807276011 CEST804974534.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.807853937 CEST4974580192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.813021898 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.813114882 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.816087961 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.816101074 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.816369057 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.817395926 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.818640947 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.818783998 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.818865061 CEST4434978834.149.100.209192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.818921089 CEST49788443192.168.2.534.149.100.209
                                                                                              Sep 5, 2024 14:31:45.822248936 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.822335958 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.822501898 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:45.827289104 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.829478025 CEST4434979035.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.829552889 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.832993031 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.832998991 CEST4434979035.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.833065987 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:45.833503962 CEST4434979035.190.72.216192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.833595991 CEST49790443192.168.2.535.190.72.216
                                                                                              Sep 5, 2024 14:31:46.267205000 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.272947073 CEST4979380192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.278229952 CEST804979334.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.278305054 CEST4979380192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.278476000 CEST4979380192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.283308983 CEST804979334.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.310944080 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.423587084 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.423722029 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.427174091 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.427201986 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.427468061 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.429521084 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.429641008 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.429724932 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.436500072 CEST4434979152.222.236.23192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.440160990 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.440213919 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.442584038 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.442584038 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.442584038 CEST49791443192.168.2.552.222.236.23
                                                                                              Sep 5, 2024 14:31:46.442619085 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.443033934 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.443048000 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.452511072 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.453872919 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.453919888 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.454015970 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.454123020 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.454142094 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.457304955 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.461270094 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.461292982 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.461378098 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.461464882 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.461472988 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.547333002 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.548151970 CEST4979380192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.551464081 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.556302071 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.556376934 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.556524992 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.561485052 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.595146894 CEST804979334.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.596224070 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.640414953 CEST804979334.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.640505075 CEST4979380192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.898155928 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.902370930 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.905421019 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.905435085 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.905736923 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.907835960 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.907974958 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.908056974 CEST4434979435.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.908099890 CEST49794443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.910254002 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.910641909 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.913665056 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.913688898 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.913800955 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:46.913980961 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.916728973 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.916807890 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.916929960 CEST4434979535.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.918438911 CEST49795443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.919553041 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.923051119 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.923157930 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.925580978 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.925590038 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.925843954 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.928575039 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.928642035 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:46.928759098 CEST4434979635.244.181.201192.168.2.5
                                                                                              Sep 5, 2024 14:31:46.929424047 CEST49796443192.168.2.535.244.181.201
                                                                                              Sep 5, 2024 14:31:47.008918047 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:47.008935928 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:47.014643908 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:47.019593954 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:47.059957027 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:47.110061884 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:47.160340071 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:57.025456905 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:57.030344009 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:57.125850916 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:31:57.131638050 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:31:59.928324938 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:59.928355932 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:31:59.928442955 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:59.928774118 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:31:59.928782940 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:00.713922024 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:00.714083910 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:00.715356112 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:00.715368032 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:00.715702057 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:00.717192888 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:00.760498047 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.316898108 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.316930056 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.316950083 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.317034960 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.317064047 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.317075968 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.317085981 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.317135096 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.317153931 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.317154884 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.317198038 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.320631027 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.320664883 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:01.320679903 CEST49799443192.168.2.520.114.59.183
                                                                                              Sep 5, 2024 14:32:01.320686102 CEST4434979920.114.59.183192.168.2.5
                                                                                              Sep 5, 2024 14:32:07.041446924 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:07.147120953 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:08.048376083 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:08.148833990 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:09.057811022 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:09.057821989 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:09.317332983 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:09.317346096 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:10.119781971 CEST49778443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:10.119811058 CEST44349778172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:10.119829893 CEST49777443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:10.119837046 CEST44349777172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.788948059 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.789002895 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.790014982 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.790036917 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.791683912 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.791824102 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.791824102 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.791851997 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.791987896 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:16.792000055 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.262979984 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.263051033 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.267379045 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.267396927 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.267782927 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.270286083 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.270452023 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.270509005 CEST4434980134.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.270601988 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.270634890 CEST49801443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.278687000 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.278969049 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.282068968 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.282088995 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.282361031 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.284933090 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.285032988 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.285129070 CEST4434980234.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.285187960 CEST49802443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.480300903 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:17.485124111 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.559628010 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.559684038 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.560185909 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.560210943 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.560504913 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.560626030 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.560632944 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.560652018 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.560726881 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.560750961 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.574135065 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.574172020 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.574237108 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.574374914 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:17.574387074 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.579765081 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.622330904 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:18.024344921 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:18.031439066 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.035864115 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.035932064 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.039628029 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.039639950 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.039984941 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.042675018 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.042767048 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.042922020 CEST4434980334.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.043138981 CEST49803443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.046740055 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.046916008 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.050080061 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.050105095 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.050616026 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.052946091 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.053073883 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.053138018 CEST4434980434.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.055645943 CEST49804443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.055741072 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.055829048 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.058864117 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.058877945 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.059187889 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.061146021 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.061239958 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.061345100 CEST4434980534.120.208.123192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.061856985 CEST49805443192.168.2.534.120.208.123
                                                                                              Sep 5, 2024 14:32:18.123671055 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:18.177381992 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:18.241823912 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:18.246757030 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.333821058 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.334191084 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.334420919 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.334898949 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.335086107 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:19.335119963 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:19.335119963 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:19.586798906 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:19.591742039 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.682519913 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.744349003 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:29.339152098 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:29.343991041 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:29.696553946 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:29.701513052 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:39.351589918 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:39.358076096 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:39.714960098 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:39.719947100 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:49.378036022 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:49.382986069 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:49.721178055 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:49.726011038 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:59.393095016 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:59.398025990 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:32:59.738333941 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:32:59.743380070 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:33:09.413958073 CEST4979280192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:33:09.418843031 CEST804979234.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:33:09.746057034 CEST4979780192.168.2.534.107.221.82
                                                                                              Sep 5, 2024 14:33:09.752116919 CEST804979734.107.221.82192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.624104023 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:12.624140978 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.624198914 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:12.624471903 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:12.624492884 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.083621025 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.083931923 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.083950996 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.084292889 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.085453033 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.085525990 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.085598946 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.128504992 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.140671968 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.215207100 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.215308905 CEST4434980623.55.235.170192.168.2.5
                                                                                              Sep 5, 2024 14:33:13.215356112 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.215517044 CEST49806443192.168.2.523.55.235.170
                                                                                              Sep 5, 2024 14:33:13.215538025 CEST4434980623.55.235.170192.168.2.5

                                                                                              UDP Packets

                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                              Sep 5, 2024 14:31:10.383079052 CEST53548611.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:11.888741016 CEST6481053192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:11.888932943 CEST5060353192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:13.213583946 CEST53572351.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:13.549218893 CEST5875353192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:13.549374104 CEST6146853192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:13.555888891 CEST53587531.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:13.557264090 CEST53614681.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:13.692260027 CEST53567871.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.196450949 CEST5705853192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.196909904 CEST6193753192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.197289944 CEST6349553192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.197447062 CEST6453453192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.213361979 CEST53570581.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.213376045 CEST53634951.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.213576078 CEST53645341.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.213603973 CEST53619371.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.322138071 CEST5788653192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.328986883 CEST53578861.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.332880020 CEST5841053192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:15.340338945 CEST53584101.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:15.893424034 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.195667028 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.345561028 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.345686913 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.345782995 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.345794916 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.345849037 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.346421003 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.350399017 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.354710102 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.354831934 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.391937971 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.392757893 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.448385954 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.448534966 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.448544979 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.448554039 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.449059963 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.449172020 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.487411976 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.488320112 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.488584995 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.493052006 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.542711020 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.583769083 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:16.607791901 CEST5663153192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:16.615076065 CEST53566311.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:16.652558088 CEST4961653192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:16.660176992 CEST53496161.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.143753052 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.144001007 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.144551992 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.144654989 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.146888971 CEST5439953192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:17.174249887 CEST5972653192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:17.181586981 CEST53597261.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.200407982 CEST5630153192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:17.208280087 CEST53563011.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.237634897 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.237909079 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.239557981 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.240355015 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.241041899 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.241203070 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.241213083 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.242481947 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.245512009 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.332874060 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.333646059 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.334563971 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.334575891 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.364501953 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.446856976 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.446948051 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.666213036 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.687109947 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.688843966 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.689255953 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.712203979 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.761275053 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.765022039 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.765064955 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:17.862534046 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.862885952 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.863063097 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:17.864063025 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:18.252717972 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:18.252806902 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:18.347364902 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.348198891 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.348820925 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:18.380625963 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:18.560846090 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.967235088 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:18.972239017 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:18.972503901 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:19.012490034 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.018129110 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.018731117 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.026563883 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.036659956 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.063175917 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.063201904 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.067579985 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.070148945 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.070278883 CEST44350303172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.074302912 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.075421095 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.078660965 CEST50303443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:19.143173933 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.143341064 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.143583059 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.143822908 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.143822908 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.143942118 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.219981909 CEST5352853192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:19.233261108 CEST53535281.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.235687971 CEST5262153192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:19.238634109 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.238703012 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.240328074 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.240746021 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.240757942 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.242644072 CEST53526211.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.242945910 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.248789072 CEST6080753192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:19.269646883 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.270888090 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.270898104 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.272852898 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:19.278338909 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.278446913 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.306494951 CEST55010443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:19.373717070 CEST44355010142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.196228981 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.200731039 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.200963974 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.201039076 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.586334944 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.985239983 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.985301018 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.985312939 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.985322952 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.985332966 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:20.985846043 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.985980988 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.986232042 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:20.986326933 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:21.083432913 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.085180998 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:21.183988094 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.185199022 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.185564041 CEST44357002172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:21.186489105 CEST57002443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.477701902 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.791291952 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.930818081 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.930875063 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.931144953 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.931165934 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.931179047 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:22.931411982 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.933197975 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.933341980 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.933585882 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:22.933705091 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.031001091 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.031075954 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.031086922 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.031096935 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.031639099 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.031785965 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.031903982 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.032774925 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.033442974 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.033648968 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:23.129504919 CEST44362539172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:31:23.161179066 CEST62539443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:31:26.990864992 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:26.992189884 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.830512047 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.830540895 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.830698013 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.831302881 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.831510067 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.831866980 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.831866980 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.930093050 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.931210995 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.931318998 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.931694031 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:27.983566046 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.984344006 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:27.986465931 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:28.021832943 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:28.110181093 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.322469950 CEST5761953192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.330091953 CEST53576191.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.331146955 CEST5937153192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.332602978 CEST5465953192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.339097023 CEST53593711.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.339777946 CEST5294353192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.341106892 CEST53546591.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.341634989 CEST5520153192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.346632004 CEST53529431.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.348347902 CEST53552011.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.644339085 CEST5627053192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.651422977 CEST53562701.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.652791977 CEST6285253192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.660957098 CEST53628521.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.661566019 CEST5794653192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:45.668610096 CEST53579461.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:31:45.807794094 CEST6177753192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:31:48.171822071 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.252531052 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.295562983 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.297172070 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.297600031 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.301697016 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.334197044 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.377063990 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.379966021 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.380537987 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.382116079 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.418756962 CEST58579443192.168.2.5142.250.65.174
                                                                                              Sep 5, 2024 14:31:48.424726963 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:31:48.505256891 CEST44358579142.250.65.174192.168.2.5
                                                                                              Sep 5, 2024 14:32:14.427546024 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:14.427771091 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:14.427957058 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:14.428160906 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:14.991177082 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:14.992506027 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:14.993194103 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.029537916 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.087311029 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.087327003 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.087336063 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.087346077 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.087790966 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.087865114 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.182609081 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.183370113 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.278419018 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.279282093 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.280071020 CEST44349362172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.280330896 CEST49362443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:32:15.281572104 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.588378906 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.734874964 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.737657070 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.737677097 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.737694025 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.737730026 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.738286972 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.741426945 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.741575956 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.853657007 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.853703022 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.853713989 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.853724003 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.853734016 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:15.854252100 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.854499102 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:15.953514099 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.790663004 CEST6083753192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:32:16.798422098 CEST53608371.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:32:16.799101114 CEST6132353192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:32:16.807131052 CEST53613231.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:32:17.480218887 CEST6550653192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:32:18.295732021 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:18.297012091 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:18.995717049 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:19.781609058 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.782695055 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.784163952 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.784209967 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.784218073 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.784331083 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.784502983 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:19.785487890 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:19.884887934 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.884900093 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:19.885298967 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:19.909413099 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:20.003673077 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:20.258097887 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:20.258135080 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:20.258261919 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:20.258905888 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:20.296829939 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:20.319581985 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:20.320028067 CEST62216443192.168.2.564.233.180.84
                                                                                              Sep 5, 2024 14:32:20.394623995 CEST4436221664.233.180.84192.168.2.5
                                                                                              Sep 5, 2024 14:32:35.854770899 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:35.888689995 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:36.371079922 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:32:36.405198097 CEST52421443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:32:45.896843910 CEST4435242123.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:11.885484934 CEST6489853192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:33:11.885696888 CEST6361253192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:33:11.892602921 CEST53636121.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:33:11.892676115 CEST53648981.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:33:11.897384882 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:11.897537947 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:11.897819996 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:11.897916079 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.338416100 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.339224100 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.369786978 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.433048964 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.433126926 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.433140039 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.433151960 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.433506012 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.433563948 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.527326107 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.527646065 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:12.622225046 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.622900963 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.623034954 CEST44354821162.159.61.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:12.623454094 CEST54821443192.168.2.5162.159.61.3
                                                                                              Sep 5, 2024 14:33:14.144351006 CEST5748453192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:33:14.144443035 CEST5421853192.168.2.51.1.1.1
                                                                                              Sep 5, 2024 14:33:14.151952028 CEST53574841.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.151976109 CEST53542181.1.1.1192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.152899981 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.152985096 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.153146982 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.153209925 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.492408991 CEST52645443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:33:14.544650078 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.617069006 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.617568016 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.642437935 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.642463923 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.642476082 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.642479897 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.642745972 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.642828941 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.642896891 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.715063095 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.740106106 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.740606070 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.839399099 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.840359926 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.840720892 CEST44350651172.64.41.3192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.840883970 CEST50651443192.168.2.5172.64.41.3
                                                                                              Sep 5, 2024 14:33:14.938739061 CEST4435264523.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.939245939 CEST4435264523.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:14.939975023 CEST52645443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:33:15.034384012 CEST4435264523.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:15.034413099 CEST4435264523.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:15.034424067 CEST4435264523.59.250.72192.168.2.5
                                                                                              Sep 5, 2024 14:33:15.034761906 CEST52645443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:33:15.061726093 CEST52645443192.168.2.523.59.250.72
                                                                                              Sep 5, 2024 14:33:15.133060932 CEST4435264523.59.250.72192.168.2.5

                                                                                              DNS Queries

                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                              Sep 5, 2024 14:31:11.888741016 CEST192.168.2.51.1.1.10xa977Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:11.888932943 CEST192.168.2.51.1.1.10x4a9cStandard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:13.549218893 CEST192.168.2.51.1.1.10x92bStandard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:13.549374104 CEST192.168.2.51.1.1.10xcb70Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.196450949 CEST192.168.2.51.1.1.10x4714Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.196909904 CEST192.168.2.51.1.1.10x865fStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.197289944 CEST192.168.2.51.1.1.10xfd39Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.197447062 CEST192.168.2.51.1.1.10x9edbStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.322138071 CEST192.168.2.51.1.1.10x3c0cStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.332880020 CEST192.168.2.51.1.1.10x1004Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:16.607791901 CEST192.168.2.51.1.1.10x731fStandard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:16.652558088 CEST192.168.2.51.1.1.10xc732Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.146888971 CEST192.168.2.51.1.1.10xe73Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.174249887 CEST192.168.2.51.1.1.10x54c8Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.200407982 CEST192.168.2.51.1.1.10x5a6fStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.219981909 CEST192.168.2.51.1.1.10xb139Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.235687971 CEST192.168.2.51.1.1.10x39c7Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.248789072 CEST192.168.2.51.1.1.10x716cStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.322469950 CEST192.168.2.51.1.1.10x35c0Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.331146955 CEST192.168.2.51.1.1.10xa617Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.332602978 CEST192.168.2.51.1.1.10x37ccStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.339777946 CEST192.168.2.51.1.1.10xba4eStandard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.341634989 CEST192.168.2.51.1.1.10xef61Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.644339085 CEST192.168.2.51.1.1.10x236eStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.652791977 CEST192.168.2.51.1.1.10x26e0Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.661566019 CEST192.168.2.51.1.1.10xb6b8Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.807794094 CEST192.168.2.51.1.1.10x3c47Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:16.790663004 CEST192.168.2.51.1.1.10xcc85Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:16.799101114 CEST192.168.2.51.1.1.10xd63bStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:17.480218887 CEST192.168.2.51.1.1.10x513fStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:11.885484934 CEST192.168.2.51.1.1.10x4ea5Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:11.885696888 CEST192.168.2.51.1.1.10x828eStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:14.144351006 CEST192.168.2.51.1.1.10x2b58Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:14.144443035 CEST192.168.2.51.1.1.10x176eStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                              DNS Answers

                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                              Sep 5, 2024 14:31:10.580286980 CEST1.1.1.1192.168.2.50x83b4No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:10.580579996 CEST1.1.1.1192.168.2.50xacNo error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:10.580579996 CEST1.1.1.1192.168.2.50xacNo error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:11.896754980 CEST1.1.1.1192.168.2.50xa977No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:11.897464991 CEST1.1.1.1192.168.2.50x4a9cNo error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:13.555888891 CEST1.1.1.1192.168.2.50x92bNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:13.555888891 CEST1.1.1.1192.168.2.50x92bNo error (0)googlehosted.l.googleusercontent.com142.250.185.65A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:13.557264090 CEST1.1.1.1192.168.2.50xcb70No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:14.740678072 CEST1.1.1.1192.168.2.50xe6fNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:14.741044998 CEST1.1.1.1192.168.2.50x3f8bNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:14.741044998 CEST1.1.1.1192.168.2.50x3f8bNo error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213361979 CEST1.1.1.1192.168.2.50x4714No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213361979 CEST1.1.1.1192.168.2.50x4714No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213376045 CEST1.1.1.1192.168.2.50xfd39No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213376045 CEST1.1.1.1192.168.2.50xfd39No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213576078 CEST1.1.1.1192.168.2.50x9edbNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.213603973 CEST1.1.1.1192.168.2.50x865fNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.328986883 CEST1.1.1.1192.168.2.50x3c0cNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.328986883 CEST1.1.1.1192.168.2.50x3c0cNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.340338945 CEST1.1.1.1192.168.2.50x1004No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.766575098 CEST1.1.1.1192.168.2.50x5290No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.766575098 CEST1.1.1.1192.168.2.50x5290No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:15.767824888 CEST1.1.1.1192.168.2.50x6a2No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:16.597496033 CEST1.1.1.1192.168.2.50xcc4eNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:16.615076065 CEST1.1.1.1192.168.2.50x731fNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.154386044 CEST1.1.1.1192.168.2.50xe73No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.154386044 CEST1.1.1.1192.168.2.50xe73No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.181586981 CEST1.1.1.1192.168.2.50x54c8No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.208280087 CEST1.1.1.1192.168.2.50x5a6fNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.797919035 CEST1.1.1.1192.168.2.50x673No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:17.797919035 CEST1.1.1.1192.168.2.50x673No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:18.856323957 CEST1.1.1.1192.168.2.50x673No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:18.856323957 CEST1.1.1.1192.168.2.50x673No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.233261108 CEST1.1.1.1192.168.2.50xb139No error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.242644072 CEST1.1.1.1192.168.2.50x39c7No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.242644072 CEST1.1.1.1192.168.2.50x39c7No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.255496979 CEST1.1.1.1192.168.2.50x716cNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.255496979 CEST1.1.1.1192.168.2.50x716cNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.861891985 CEST1.1.1.1192.168.2.50x673No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:19.861891985 CEST1.1.1.1192.168.2.50x673No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:22.067835093 CEST1.1.1.1192.168.2.50x673No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:22.067835093 CEST1.1.1.1192.168.2.50x673No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:26.240432024 CEST1.1.1.1192.168.2.50x673No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:26.240432024 CEST1.1.1.1192.168.2.50x673No error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.330091953 CEST1.1.1.1192.168.2.50x35c0No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.330091953 CEST1.1.1.1192.168.2.50x35c0No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.331311941 CEST1.1.1.1192.168.2.50xe1a8No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.331311941 CEST1.1.1.1192.168.2.50xe1a8No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.339097023 CEST1.1.1.1192.168.2.50xa617No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.341106892 CEST1.1.1.1192.168.2.50x37ccNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.651422977 CEST1.1.1.1192.168.2.50x236eNo error (0)services.addons.mozilla.org52.222.236.23A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.651422977 CEST1.1.1.1192.168.2.50x236eNo error (0)services.addons.mozilla.org52.222.236.80A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.651422977 CEST1.1.1.1192.168.2.50x236eNo error (0)services.addons.mozilla.org52.222.236.120A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.651422977 CEST1.1.1.1192.168.2.50x236eNo error (0)services.addons.mozilla.org52.222.236.48A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.660957098 CEST1.1.1.1192.168.2.50x26e0No error (0)services.addons.mozilla.org52.222.236.80A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.660957098 CEST1.1.1.1192.168.2.50x26e0No error (0)services.addons.mozilla.org52.222.236.120A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.660957098 CEST1.1.1.1192.168.2.50x26e0No error (0)services.addons.mozilla.org52.222.236.23A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.660957098 CEST1.1.1.1192.168.2.50x26e0No error (0)services.addons.mozilla.org52.222.236.48A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.814603090 CEST1.1.1.1192.168.2.50x3c47No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:45.814603090 CEST1.1.1.1192.168.2.50x3c47No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:46.460437059 CEST1.1.1.1192.168.2.50xea52No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:46.460437059 CEST1.1.1.1192.168.2.50xea52No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:46.923386097 CEST1.1.1.1192.168.2.50x45abNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:31:46.923386097 CEST1.1.1.1192.168.2.50x45abNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:16.786174059 CEST1.1.1.1192.168.2.50xf8e5No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:16.798422098 CEST1.1.1.1192.168.2.50xcc85No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:17.487915039 CEST1.1.1.1192.168.2.50x513fNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:17.487915039 CEST1.1.1.1192.168.2.50x513fNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:32:17.558264971 CEST1.1.1.1192.168.2.50xf112No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:11.892602921 CEST1.1.1.1192.168.2.50x828eNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:11.892676115 CEST1.1.1.1192.168.2.50x4ea5No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:11.892676115 CEST1.1.1.1192.168.2.50x4ea5No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:14.151952028 CEST1.1.1.1192.168.2.50x2b58No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:14.151952028 CEST1.1.1.1192.168.2.50x2b58No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                              Sep 5, 2024 14:33:14.151976109 CEST1.1.1.1192.168.2.50x176eNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                              HTTP Request Dependency Graph

                                                                                              • api.edgeoffer.microsoft.com
                                                                                              • clients2.googleusercontent.com
                                                                                              • chrome.cloudflare-dns.com
                                                                                              • https:
                                                                                                • accounts.youtube.com
                                                                                                • www.google.com
                                                                                              • fs.microsoft.com
                                                                                              • edgeassetservice.azureedge.net
                                                                                              • login.live.com
                                                                                              • msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                              • slscr.update.microsoft.com
                                                                                              • detectportal.firefox.com

                                                                                              HTTP Packets

                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              0192.168.2.54974534.107.221.82801816C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              Sep 5, 2024 14:31:17.171943903 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:31:17.621196985 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23043
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:31:27.642324924 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:31:37.850349903 CEST6OUTData Raw: 00
                                                                                              Data Ascii:


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              1192.168.2.54975634.107.221.82801816C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              Sep 5, 2024 14:31:19.268112898 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache
                                                                                              Sep 5, 2024 14:31:19.722003937 CEST216INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 8
                                                                                              Via: 1.1 google
                                                                                              Date: Wed, 04 Sep 2024 18:31:46 GMT
                                                                                              Age: 64773
                                                                                              Content-Type: text/plain
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 73 75 63 63 65 73 73 0a
                                                                                              Data Ascii: success
                                                                                              Sep 5, 2024 14:31:29.728250980 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:31:39.738941908 CEST6OUTData Raw: 00
                                                                                              Data Ascii:


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              2192.168.2.54979234.107.221.82801816C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              Sep 5, 2024 14:31:45.822501898 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:31:46.267205000 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23072
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:31:46.452511072 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:31:46.547333002 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23072
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:31:46.913800955 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:31:47.008918047 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23072
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:31:57.025456905 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:07.041446924 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:08.048376083 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:17.480300903 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:32:17.579765081 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23103
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:32:18.241823912 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Connection: keep-alive
                                                                                              Sep 5, 2024 14:32:19.333821058 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23104
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:32:19.334191084 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23104
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:32:19.334420919 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23104
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:32:19.334898949 CEST298INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 90
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 06:07:14 GMT
                                                                                              Age: 23104
                                                                                              Content-Type: text/html
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                              Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                              Sep 5, 2024 14:32:29.339152098 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:39.351589918 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:49.378036022 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:59.393095016 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:33:09.413958073 CEST6OUTData Raw: 00
                                                                                              Data Ascii:


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              3192.168.2.54979334.107.221.82801816C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              Sep 5, 2024 14:31:46.278476000 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              4192.168.2.54979734.107.221.82801816C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              Sep 5, 2024 14:31:46.556524992 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache
                                                                                              Sep 5, 2024 14:31:47.008935928 CEST216INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 8
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 08:25:25 GMT
                                                                                              Age: 14781
                                                                                              Content-Type: text/plain
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 73 75 63 63 65 73 73 0a
                                                                                              Data Ascii: success
                                                                                              Sep 5, 2024 14:31:47.014643908 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache
                                                                                              Sep 5, 2024 14:31:47.110061884 CEST216INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 8
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 08:25:25 GMT
                                                                                              Age: 14782
                                                                                              Content-Type: text/plain
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 73 75 63 63 65 73 73 0a
                                                                                              Data Ascii: success
                                                                                              Sep 5, 2024 14:31:57.125850916 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:07.147120953 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:08.148833990 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:18.024344921 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache
                                                                                              Sep 5, 2024 14:32:18.123671055 CEST216INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 8
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 08:25:25 GMT
                                                                                              Age: 14813
                                                                                              Content-Type: text/plain
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 73 75 63 63 65 73 73 0a
                                                                                              Data Ascii: success
                                                                                              Sep 5, 2024 14:32:19.586798906 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                              Host: detectportal.firefox.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                              Accept: */*
                                                                                              Accept-Language: en-US,en;q=0.5
                                                                                              Accept-Encoding: gzip, deflate
                                                                                              Connection: keep-alive
                                                                                              Pragma: no-cache
                                                                                              Cache-Control: no-cache
                                                                                              Sep 5, 2024 14:32:19.682519913 CEST216INHTTP/1.1 200 OK
                                                                                              Server: nginx
                                                                                              Content-Length: 8
                                                                                              Via: 1.1 google
                                                                                              Date: Thu, 05 Sep 2024 08:25:25 GMT
                                                                                              Age: 14814
                                                                                              Content-Type: text/plain
                                                                                              Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                              Data Raw: 73 75 63 63 65 73 73 0a
                                                                                              Data Ascii: success
                                                                                              Sep 5, 2024 14:32:29.696553946 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:39.714960098 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:49.721178055 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:32:59.738333941 CEST6OUTData Raw: 00
                                                                                              Data Ascii:
                                                                                              Sep 5, 2024 14:33:09.746057034 CEST6OUTData Raw: 00
                                                                                              Data Ascii:


                                                                                              HTTPS Proxied Packets

                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              0192.168.2.54971494.245.104.564437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:11 UTC428OUTGET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1
                                                                                              Host: api.edgeoffer.microsoft.com
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:11 UTC584INHTTP/1.1 200 OK
                                                                                              Content-Length: 0
                                                                                              Connection: close
                                                                                              Content-Type: application/x-protobuf; charset=utf-8
                                                                                              Date: Thu, 05 Sep 2024 12:31:11 GMT
                                                                                              Server: Microsoft-IIS/10.0
                                                                                              Set-Cookie: ARRAffinity=f2b01b5aff47b6a2e38f49356d115a0807f0755dfea9b74b73454039d08ab076;Path=/;HttpOnly;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                              Set-Cookie: ARRAffinitySameSite=f2b01b5aff47b6a2e38f49356d115a0807f0755dfea9b74b73454039d08ab076;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                              Request-Context: appId=cid-v1:48af8e22-9427-456d-9a55-67a1e42a1bd9
                                                                                              X-Powered-By: ASP.NET


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              1192.168.2.549720142.250.185.654437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:14 UTC594OUTGET /crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx HTTP/1.1
                                                                                              Host: clients2.googleusercontent.com
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:14 UTC566INHTTP/1.1 200 OK
                                                                                              Accept-Ranges: bytes
                                                                                              Content-Length: 135751
                                                                                              X-GUploader-UploadID: AD-8ljtu1zJSQ3bHL5GAb9wOuCbd34RY1JORtYlgFjvfcHqyP2BQ8b0y-u3dusruu0DbhH1wtUI
                                                                                              X-Goog-Hash: crc32c=IDdmTg==
                                                                                              Server: UploadServer
                                                                                              Date: Wed, 04 Sep 2024 19:26:09 GMT
                                                                                              Expires: Thu, 04 Sep 2025 19:26:09 GMT
                                                                                              Cache-Control: public, max-age=31536000
                                                                                              Age: 61505
                                                                                              Last-Modified: Tue, 23 Jul 2024 15:56:28 GMT
                                                                                              ETag: 1d368626_ddaec042_86665b6c_28d780a0_b2065016
                                                                                              Content-Type: application/x-chrome-extension
                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                              Connection: close
                                                                                              2024-09-05 12:31:14 UTC824INData Raw: 43 72 32 34 03 00 00 00 e8 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                              Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: cb 30 5e ae fd 8f bf fc 18 3f ab aa ce 6f f5 9f 86 ea f3 4f e7 8b aa 7e fc f9 c7 ed f2 de 57 f2 ef e5 b5 1f ab 7e fc f1 97 7f fc 18 f2 a7 ba e6 52 7f be 7a 86 4d 61 da 86 e0 b6 91 9a 75 5d 9a b5 2a 9f 87 2d b7 6e 97 ac 9b be 32 73 3c 97 a6 da 8a e4 b0 45 fb 9f 36 ba 3c 2e c2 57 bd 48 91 71 68 ae 17 fd f9 3a 6a a8 79 f8 fe f7 4e dd 44 1a 5d 4e 6a fc f5 d0 bb b5 f4 df 2f a7 cb 61 8a 9a f7 7b e9 db fd f7 67 ca ce f9 92 d0 b9 66 29 ba 7e 7f 5f 98 88 8b a7 31 71 fe fe 4c da 11 23 06 47 da 8d 8d f0 51 97 77 14 c8 99 1d 4a 10 22 04 c4 8e 74 e1 33 0f c2 4d e5 0b 5b 3c 43 e7 18 dc 2e a5 0f 8d 7c 77 d8 1e 94 73 2b 4c 54 17 3e 9b 8f 26 ec 8e 26 50 a5 85 6a 61 ea eb 6e 98 0b 73 73 39 ee c2 67 61 3a ff 1e e7 f7 b3 85 53 ee a9 9e 59 f5 3e 81 0c 1d b9 f8 4a 3a 06 39 87
                                                                                              Data Ascii: 0^?oO~W~RzMau]*-n2s<E6<.WHqh:jyND]Nj/a{gf)~_1qL#GQwJ"t3M[<C.|ws+LT>&&Pjanss9ga:SY>J:9
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: fb 44 b0 b4 75 cd a2 45 f6 da fb af bc 3f ce 66 36 89 54 f7 7b 85 4d 64 18 16 65 30 97 1e f2 8b 3d 8c f3 00 e1 48 79 96 ec ea 1d f6 a0 d6 80 10 97 4f 10 60 43 7e 2d de bf 3f ac f5 dc 1b 32 87 63 d4 2b 25 8c c9 3d 52 f4 88 e8 d8 51 25 77 c5 5e 7a c9 5e 86 25 15 31 06 d8 2d 7b ad d1 54 eb 11 a3 53 14 2c cf 7d f9 ff d0 e0 b2 c1 43 66 d4 4a 06 e2 33 37 55 9a 78 d1 48 02 d7 8b 1b d1 0b 33 cc 70 a7 4b c1 72 2f c2 13 19 ed c4 5b a9 a0 8b 4d b9 59 5e 7b 72 2d ff 51 fb dc 0d f6 85 87 e6 ba 95 5e 68 12 00 3b 14 08 91 1b c3 91 cc 5a 03 7c cc a3 e0 a7 19 9b 8f 07 0b 70 9c 51 bc af ba f7 c7 22 7f 6b ed da 1b 3c a4 60 9b 5a c3 ab 54 de 7c 82 75 4b 00 a2 d8 aa 43 9d 31 12 d1 82 59 67 1d aa fb 81 1f 1b e0 15 11 e5 97 16 34 8b 65 ef 77 cd 57 b2 c7 ad ba 65 8d f2 aa de 35
                                                                                              Data Ascii: DuE?f6T{Mde0=HyO`C~-?2c+%=RQ%w^z^%1-{TS,}CfJ37UxH3pKr/[MY^{r-Q^h;Z|pQ"k<`ZT|uKC1Yg4ewWe5
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: a3 3a 66 63 2b dc 55 dd f4 76 4a 8c 67 19 c8 cf dc c0 a9 f6 5c fb 04 0e 30 9f 45 2b 3a 9d 3b 96 d8 5b 6e bd d6 e7 9c e8 c6 a6 3c ec 04 3f 00 02 d8 07 6a 07 4f 70 bb e6 0d 44 84 8e 31 f6 ed 3b e9 6a c5 3d 68 26 0c d9 55 07 3f b0 ae cd 25 f6 a5 bf 92 bd 1a 68 de 40 51 36 ee a5 e4 ce 91 50 6c c6 16 de 88 4e bc 66 c4 fd 22 da f5 e3 d6 a9 11 77 9e cc c8 00 69 5f 40 62 95 20 df ff 5c 62 ff d0 7c 77 74 a5 ee 94 81 37 09 f8 6e 89 76 d0 cc c3 9e ed f1 98 74 e8 44 3c ad 43 b4 7d 7c ef 37 12 7f b8 65 96 f8 5e 7f 6d d6 87 cf c8 3f 3c ff 0f fe 46 0a 5c ba b6 fe 19 70 0e 32 75 0d ee 8d af b1 e1 04 85 42 3c 9e 59 9b c0 78 a6 b0 b5 39 1f b7 d1 de cd 12 22 41 49 d1 15 ab a1 11 33 5c d4 fd b2 5b d9 73 15 d6 f9 35 bc c7 cd bb 1d 79 b6 97 eb f1 e5 7e 9d 14 50 5d 28 7c 07 9c
                                                                                              Data Ascii: :fc+UvJg\0E+:;[n<?jOpD1;j=h&U?%h@Q6PlNf"wi_@b \b|wt7nvtD<C}|7e^m?<F\p2uB<Yx9"AI3\[s5y~P](|
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: f4 82 39 aa e0 7a ec d0 f9 66 30 94 41 fc df ee db 1c a9 13 e6 2d 30 13 82 a1 ce 12 31 7d 82 53 e2 83 47 45 59 27 58 b8 8f 29 06 91 69 cf 5a f8 cc 88 c6 0f 64 a8 24 03 ce ef 34 a6 34 d9 53 76 aa d1 f7 b6 0a 2b fc d4 75 76 ce 3a 75 4f 2d 57 df f3 bf de ff fb dd 66 83 81 23 92 f4 b0 c9 4d 75 c1 14 7c 9e f8 b8 ab 3c 75 20 0d 34 51 a3 0e b9 57 8f 5c c9 54 10 9d 35 cc 9b 85 ba 8d ce d3 40 ea df eb f4 bd c6 2c 8d bf 7f cb f8 66 fe ef 5a ba 1d ba 7f 9e b7 3c ff e1 39 cb 7f 7d 77 90 3e 1b 53 53 b5 ff 3a 2b 59 eb 1a b5 ef 9a f3 97 e0 e3 a3 e0 8e ca 4c fb 5e 74 ea 56 74 b6 f6 9f d3 57 e1 d7 9f b9 df 5e fe f7 bb 96 ae e7 1e 0d df 6b e7 fb 2c e6 b1 79 7f 1c 1b ef fb ff 1f ba be 0c 5d 77 5f 05 74 4c cd 62 ce b9 d6 b7 e6 3a 9d e3 7f 1f 1a cd c7 fb 67 75 fb f1 97 bf fe
                                                                                              Data Ascii: 9zf0A-01}SGEY'X)iZd$44Sv+uv:uO-Wf#Mu|<u 4QW\T5@,fZ<9}w>SS:+YL^tVtW^k,y]w_tLb:gu
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: ad 33 4d c7 0c 67 6e 81 d6 1e 0c 0b 79 e1 e5 4a 9e 81 e8 0e 6d e9 ca e1 60 fa 07 7f fa d2 b1 1f f7 7b ac 3f 4a 13 55 ac f1 4c 7f 94 cf f0 fa f1 b6 7e 2d 9f 5f f6 86 cc fe f1 ec 09 fd 70 24 26 57 1c cf 8f 61 96 f1 4e 24 37 5b 2c f1 37 09 ff 3e 8d 4e e3 76 3b 30 89 99 dc ba 80 99 fa f5 86 7a ab 17 00 10 99 70 d6 78 75 3f ec 5d 26 c0 29 73 23 b1 4d 01 b1 bd 85 22 65 c6 ae 4d 05 29 bb 19 a4 97 d3 26 50 39 76 5a 02 7b 3b 5c cd 19 16 9a 34 6a ca 98 31 83 a3 30 c0 8d 8b 90 69 14 2e 18 a7 11 fc 43 a4 1b 50 25 a6 9a b3 38 b3 01 a7 ed 89 86 13 1f da e6 66 69 88 9b 9b cb a3 0e 88 10 49 34 ac c5 ac 87 cc 0e df 3a 83 59 3f 4a c7 9a 9c 4a 52 22 4a 73 50 10 93 5b 04 26 5d e4 1b 03 5e 57 1d b5 9f 07 15 ea 11 56 a2 32 1c 57 08 4b 8e 3a dd 14 09 a5 9a 54 87 09 2c df 70 99
                                                                                              Data Ascii: 3MgnyJm`{?JUL~-_p$&WaN$7[,7>Nv;0zpxu?]&)s#M"eM)&P9vZ{;\4j10i.CP%8fiI4:Y?JJR"JsP[&]^WV2WK:T,p
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: 34 3d 97 d3 d8 25 32 96 b3 f5 13 f7 6e 04 c3 e8 d7 24 af 68 00 67 eb c3 66 e7 0c 80 f3 86 ed 66 61 be 93 2c c1 a2 81 5f 40 75 19 01 ec 81 b2 11 59 6b 02 01 7c 80 cd 06 9c b7 f6 39 2e 1b a2 d1 59 0b 31 ae 2b a8 f9 19 97 78 ba 9e 92 04 eb 38 0f b1 da 61 42 cf b8 b8 ab 80 50 16 da 7c e0 2a 5d 2e b6 61 3d 16 a7 f7 ad 25 37 09 0c 17 4a fa a3 b0 2f 74 b2 60 63 c4 b5 32 fd ca 4b dc 91 50 cd 08 cf a1 3e ef 10 50 75 05 0f a4 06 bb 61 21 1b 94 db 98 9a 6d 25 ee 69 db 2b 4b 9f 80 46 c6 7a 5d 13 fe 95 45 1a 44 be bd d3 f7 20 9f 7f 88 83 9f 5b 5b 41 3d 0c 7f 6e 6e 02 8a 0a a9 66 0f 64 38 ff 27 1a e0 86 95 3d 0e 65 8e 2a 9e ff b3 5a f5 13 b7 6b 4c e2 da dd 53 96 36 98 be 35 e0 8b a2 03 ec 6d 83 0f 98 a6 6a 9a 7d d4 30 cf b9 22 24 be 95 ed ae b5 82 4d 0c 6d 44 68 ea 50
                                                                                              Data Ascii: 4=%2n$hgffa,_@uYk|9.Y1+x8aBP|*].a=%7J/t`c2KP>Pua!m%i+KFz]ED [[A=nnfd8'=e*ZkLS65mj}0"$MmDhP
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: 87 c6 bc 81 e5 c6 01 f8 80 6e be 68 ae 8d 1a 92 d9 22 7c fb 47 cd 55 a8 b9 72 2b d4 f6 c4 b2 bb dd a3 21 3e c1 52 53 40 cc 0f 98 69 56 28 ab c0 b8 20 06 f5 02 9a 6f 68 bf 82 e6 8f 24 99 81 79 93 8e d4 f5 47 b4 3f 91 f0 93 e1 db ea 74 d9 df bc 02 e8 81 b4 53 49 59 03 c4 1b 90 6e de 93 27 17 a4 fa 97 68 50 4b ef a1 19 2a b3 8e 70 02 6b db 66 44 24 b0 33 79 cf de 43 b1 cd cd c3 41 86 8d 22 07 8e 36 37 b7 cc 9f 0b de bb 60 25 1c fe f7 ea 9b 07 c5 80 f6 9d 10 df 4c b8 27 ef 1c 14 d6 c4 c3 c8 1c ee dd 3d 4d da 8a 0c c4 52 71 54 0a cc 3d d5 5f 29 07 02 fd 8d 5b 75 1c 35 30 b0 47 f8 b3 f1 28 6e 46 7c 56 31 fc 89 c5 6c ca aa 76 67 10 f7 66 c9 bd 26 86 fd fd 33 5d db d6 b3 31 ae 67 3e af 13 4c ea cf 63 28 1c 73 d5 b7 cf 2e dd b8 9a fa 75 a8 12 83 1e ae 82 2c 32 d0
                                                                                              Data Ascii: nh"|GUr+!>RS@iV( oh$yG?tSIYn'hPK*pkfD$3yCA"67`%L'=MRqT=_)[u50G(nF|V1lvgf&3]1g>Lc(s.u,2
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: 1a 0c 27 c9 15 33 8e 4d 6d 30 cb db c6 1d 95 4b 44 47 2a fe 65 6d 62 82 56 4a e1 cb 97 55 fc 6d 2d fc d8 a1 69 e9 bd ea 7b 41 b9 d4 6c 30 29 3a d9 54 cc 2c 05 5e a2 02 b3 c5 bb 08 19 d8 62 b9 d7 a5 62 06 3c 34 40 2e 25 3c 2e c3 97 e2 9d d1 3b c2 71 73 13 d5 e3 35 1f 0d 77 bd 52 9b 9d 01 9b 76 ce d3 0a 52 52 c7 6b 5d b2 e6 95 0a ae bf 14 a3 21 ab aa 31 20 bd b4 d7 42 bf e6 ac e0 5e 40 6f ac 03 3a 6a 01 54 03 d6 36 21 06 2c ba 37 91 a3 0c 4f d2 f8 12 13 46 bb 84 e9 6e dd 4f 81 45 78 78 68 42 e3 13 1f ac 1d 5f 60 04 f8 9a c2 4f 39 8e dc 8c 8d 17 91 02 eb a3 e5 59 ed 20 d2 12 4f e2 a7 7e 66 86 b7 89 8d 5e 42 dd ad 6d cf 2f c2 ed a0 58 e6 a4 e8 94 cb 4f a1 44 3b d4 2c b4 50 44 ce 14 d0 d2 b6 82 1a 45 be 6a b8 a8 f3 70 b4 81 60 59 46 50 39 3d 99 b2 b8 fb 19 23
                                                                                              Data Ascii: '3Mm0KDG*embVJUm-i{Al0):T,^bb<4@.%<.;qs5wRvRRk]!1 B^@o:jT6!,7OFnOExxhB_`O9Y O~f^Bm/XOD;,PDEjp`YFP9=#
                                                                                              2024-09-05 12:31:14 UTC1390INData Raw: 5e 4e 7f fd fa f3 8f 27 8f ff d8 06 aa 7b 8f 52 b0 a4 78 a6 f8 ce 72 c4 5f 39 36 74 23 3d a2 5e 64 ed 29 3c 87 d5 63 57 ef 41 05 40 38 0f e8 2f d0 e8 ee 60 78 31 a8 e0 aa 56 f0 9d a3 17 ab 1f c9 83 ee a5 c0 0c d4 43 84 42 20 54 19 07 77 89 e3 f9 04 05 67 92 9e a7 b0 83 ae 1c df b9 60 e3 01 68 2e f0 49 a9 c5 b0 3d 74 1f 03 d9 07 37 09 19 27 70 29 60 8f d4 1e 13 eb a4 2d 83 17 0b 58 58 65 0b 2b 09 80 2e 29 5a 5a 1e 7b 0b 46 a0 a2 7f e9 a8 77 64 98 5b 0e e4 3a 8a 11 91 76 32 04 ed 6a 28 4f 01 04 c6 70 85 84 f6 e7 b3 20 6e 41 39 10 d0 00 a9 42 a0 f8 c0 6e f0 6c 6d 44 a1 12 09 6c f4 67 bf 3f ab ff f1 f8 f1 1c 10 16 b7 35 9a 93 9f 70 5f e2 ca bd 60 c7 46 0f d8 18 13 66 58 1b 01 f9 88 5d 2a e3 a5 e8 eb b3 27 1a 94 30 a2 67 4f 44 be 18 97 0f cf c7 58 11 76 5a 6f
                                                                                              Data Ascii: ^N'{Rxr_96t#=^d)<cWA@8/`x1VCB Twg`h.I=t7'p)`-XXe+.)ZZ{Fwd[:v2j(Op nA9BnlmDlg?5p_`FfX]*'0gODXvZo


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              2192.168.2.549727172.64.41.34437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                              Host: chrome.cloudflare-dns.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 128
                                                                                              Accept: application/dns-message
                                                                                              Accept-Language: *
                                                                                              User-Agent: Chrome
                                                                                              Accept-Encoding: identity
                                                                                              Content-Type: application/dns-message
                                                                                              2024-09-05 12:31:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcom)TP
                                                                                              2024-09-05 12:31:15 UTC247INHTTP/1.1 200 OK
                                                                                              Server: cloudflare
                                                                                              Date: Thu, 05 Sep 2024 12:31:15 GMT
                                                                                              Content-Type: application/dns-message
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Content-Length: 468
                                                                                              CF-RAY: 8be63c3b9b780cb2-EWR
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              2024-09-05 12:31:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 ad 00 04 8e fb 23 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcom#)


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              3192.168.2.549725172.64.41.34437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                              Host: chrome.cloudflare-dns.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 128
                                                                                              Accept: application/dns-message
                                                                                              Accept-Language: *
                                                                                              User-Agent: Chrome
                                                                                              Accept-Encoding: identity
                                                                                              Content-Type: application/dns-message
                                                                                              2024-09-05 12:31:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcom)TP
                                                                                              2024-09-05 12:31:15 UTC247INHTTP/1.1 200 OK
                                                                                              Server: cloudflare
                                                                                              Date: Thu, 05 Sep 2024 12:31:15 GMT
                                                                                              Content-Type: application/dns-message
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Content-Length: 468
                                                                                              CF-RAY: 8be63c3b8fe143a9-EWR
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              2024-09-05 12:31:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 e6 00 04 8e fa 41 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcomA)


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              4192.168.2.549729162.159.61.34437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:15 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                              Host: chrome.cloudflare-dns.com
                                                                                              Connection: keep-alive
                                                                                              Content-Length: 128
                                                                                              Accept: application/dns-message
                                                                                              Accept-Language: *
                                                                                              User-Agent: Chrome
                                                                                              Accept-Encoding: identity
                                                                                              Content-Type: application/dns-message
                                                                                              2024-09-05 12:31:15 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcom)TP
                                                                                              2024-09-05 12:31:15 UTC247INHTTP/1.1 200 OK
                                                                                              Server: cloudflare
                                                                                              Date: Thu, 05 Sep 2024 12:31:15 GMT
                                                                                              Content-Type: application/dns-message
                                                                                              Connection: close
                                                                                              Access-Control-Allow-Origin: *
                                                                                              Content-Length: 468
                                                                                              CF-RAY: 8be63c3c4ab8426b-EWR
                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                              2024-09-05 12:31:15 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 01 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                              Data Ascii: wwwgstaticcom c)


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              5192.168.2.5497322.18.97.153443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:16 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: */*
                                                                                              Accept-Encoding: identity
                                                                                              User-Agent: Microsoft BITS/7.8
                                                                                              Host: fs.microsoft.com
                                                                                              2024-09-05 12:31:16 UTC467INHTTP/1.1 200 OK
                                                                                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                              Content-Type: application/octet-stream
                                                                                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                              Server: ECAcc (lpl/EF70)
                                                                                              X-CID: 11
                                                                                              X-Ms-ApiVersion: Distribute 1.2
                                                                                              X-Ms-Region: prod-weu-z1
                                                                                              Cache-Control: public, max-age=101644
                                                                                              Date: Thu, 05 Sep 2024 12:31:16 GMT
                                                                                              Connection: close
                                                                                              X-CID: 2


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              6192.168.2.549746142.251.40.1744437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:17 UTC1079OUTGET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=403473328&timestamp=1725539476166 HTTP/1.1
                                                                                              Host: accounts.youtube.com
                                                                                              Connection: keep-alive
                                                                                              sec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              sec-ch-ua-full-version: "117.0.5938.132"
                                                                                              sec-ch-ua-arch: "x86"
                                                                                              sec-ch-ua-platform: "Windows"
                                                                                              sec-ch-ua-platform-version: "10.0.0"
                                                                                              sec-ch-ua-model: ""
                                                                                              sec-ch-ua-bitness: "64"
                                                                                              sec-ch-ua-wow64: ?0
                                                                                              sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"
                                                                                              Upgrade-Insecure-Requests: 1
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                              Sec-Fetch-Site: cross-site
                                                                                              Sec-Fetch-Mode: navigate
                                                                                              Sec-Fetch-Dest: iframe
                                                                                              Referer: https://accounts.google.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:17 UTC1962INHTTP/1.1 200 OK
                                                                                              Content-Type: text/html; charset=utf-8
                                                                                              X-Frame-Options: ALLOW-FROM https://accounts.google.com
                                                                                              Content-Security-Policy: frame-ancestors https://accounts.google.com
                                                                                              Content-Security-Policy: script-src 'report-sample' 'nonce-uQgq_9bRQqvg3TUIbfIEQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self'
                                                                                              Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
                                                                                              Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
                                                                                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                              Pragma: no-cache
                                                                                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                              Date: Thu, 05 Sep 2024 12:31:17 GMT
                                                                                              Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                              Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                              Cross-Origin-Opener-Policy: same-origin
                                                                                              reporting-endpoints: default="/_/AccountsDomainCookiesCheckConnectionHttp/web-reports?context=eJzjMtDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHSv_OsJUC8JOIi65HEi6yXuy-xXgdiIR6OqSefbWMT-PBwST-zkl5SfmF8ZkpqXklmSWVKfm5iZl5yfn52ZmpxcWpRWWpRvJGBkYmBpYGhnoFFfIEBALe7K4c"
                                                                                              Server: ESF
                                                                                              X-XSS-Protection: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                              Accept-Ranges: none
                                                                                              Vary: Accept-Encoding
                                                                                              Connection: close
                                                                                              Transfer-Encoding: chunked
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 37 36 30 39 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 75 51 67 71 5f 39 62 52 51 71 76 67 33 54 55 49 62 66 49 45 51 77 22 3e 22 75 73 65 20 73 74 72 69 63 74 22 3b 74 68 69 73 2e 64 65 66 61 75 6c 74 5f 41 63 63 6f 75 6e 74 73 44 6f 6d 61 69 6e 63 6f 6f 6b 69 65 73 43 68 65 63 6b 63 6f 6e 6e 65 63 74 69 6f 6e 4a 73 3d 74 68 69 73 2e 64 65 66 61 75 6c 74 5f 41 63 63 6f 75 6e 74 73 44 6f 6d 61 69 6e 63 6f 6f 6b 69 65 73 43 68 65 63 6b 63 6f 6e 6e 65 63 74 69 6f 6e 4a 73 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f
                                                                                              Data Ascii: 7609<html><head><script nonce="uQgq_9bRQqvg3TUIbfIEQw">"use strict";this.default_AccountsDomaincookiesCheckconnectionJs=this.default_AccountsDomaincookiesCheckconnectionJs||{};(function(_){var window=this;try{_._F_toggles_initialize=function(a){(typeo
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 29 69 66 28 62 3d 2f 54 72 69 64 65 6e 74 5c 2f 28 5c 64 2e 5c 64 29 2f 2e 65 78 65 63 28 62 29 2c 0a 63 5b 31 5d 3d 3d 22 37 2e 30 22 29 69 66 28 62 26 26 62 5b 31 5d 29 73 77 69 74 63 68 28 62 5b 31 5d 29 7b 63 61 73 65 20 22 34 2e 30 22 3a 61 3d 22 38 2e 30 22 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 35 2e 30 22 3a 61 3d 22 39 2e 30 22 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 36 2e 30 22 3a 61 3d 22 31 30 2e 30 22 3b 62 72 65 61 6b 3b 63 61 73 65 20 22 37 2e 30 22 3a 61 3d 22 31 31 2e 30 22 7d 65 6c 73 65 20 61 3d 22 37 2e 30 22 3b 65 6c 73 65 20 61 3d 63 5b 31 5d 3b 62 3d 61 7d 65 6c 73 65 20 62 3d 22 22 3b 72 65 74 75 72 6e 20 62 7d 76 61 72 20 64 3d 52 65 67 45 78 70 28 22 28 5b 41 2d 5a 5d 5b 5c 5c 77 20 5d 2b 29 2f 28 5b 5e 5c 5c 73 5d 2b 29 5c 5c 73
                                                                                              Data Ascii: )if(b=/Trident\/(\d.\d)/.exec(b),c[1]=="7.0")if(b&&b[1])switch(b[1]){case "4.0":a="8.0";break;case "5.0":a="9.0";break;case "6.0":a="10.0";break;case "7.0":a="11.0"}else a="7.0";else a=c[1];b=a}else b="";return b}var d=RegExp("([A-Z][\\w ]+)/([^\\s]+)\\s
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 65 74 75 72 6e 20 61 7d 2c 41 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 61 3d 3d 6e 75 6c 6c 26 26 28 61 3d 79 61 29 3b 79 61 3d 76 6f 69 64 20 30 3b 69 66 28 61 3d 3d 6e 75 6c 6c 29 7b 76 61 72 20 64 3d 39 36 3b 63 3f 28 61 3d 5b 63 5d 2c 64 7c 3d 35 31 32 29 3a 61 3d 5b 5d 3b 62 26 26 28 64 3d 64 26 2d 31 36 37 36 30 38 33 33 7c 0a 28 62 26 31 30 32 33 29 3c 3c 31 34 29 7d 65 6c 73 65 7b 69 66 28 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 6e 22 29 3b 64 3d 7a 28 61 29 3b 69 66 28 64 26 32 30 34 38 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 6f 22 29 3b 69 66 28 64 26 36 34 29 72 65 74 75 72 6e 20 61 3b 64 7c 3d 36 34 3b 69 66 28 63 26 26 28 64 7c 3d 35 31 32 2c 63 21 3d 3d 61 5b 30 5d 29 29 74
                                                                                              Data Ascii: eturn a},Aa=function(a,b,c){a==null&&(a=ya);ya=void 0;if(a==null){var d=96;c?(a=[c],d|=512):a=[];b&&(d=d&-16760833|(b&1023)<<14)}else{if(!Array.isArray(a))throw Error("n");d=z(a);if(d&2048)throw Error("o");if(d&64)return a;d|=64;if(c&&(d|=512,c!==a[0]))t
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 3d 4d 61 3f 61 2e 74 6f 4a 53 4f 4e 28 29 3a 4a 61 28 61 29 7d 2c 4f 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 43 3f 61 2e 4a 3a 4b 61 28 61 2e 4a 2c 4e 61 2c 76 6f 69 64 20 30 2c 76 6f 69 64 20 30 2c 21 31 29 3b 76 61 72 20 62 3d 21 43 2c 63 3d 61 2e 6c 65 6e 67 74 68 3b 69 66 28 63 29 7b 76 61 72 20 64 3d 61 5b 63 2d 31 5d 2c 65 3d 77 61 28 64 29 3b 65 3f 63 2d 2d 3a 64 3d 76 6f 69 64 20 30 3b 76 61 72 20 66 3d 61 3b 69 66 28 65 29 7b 62 3a 7b 76 61 72 20 68 3d 64 3b 76 61 72 20 67 3d 7b 7d 3b 65 3d 21 31 3b 69 66 28 68 29 66 6f 72 28 76 61 72 20 6b 20 69 6e 20 68 29 69 66 28 69 73 4e 61 4e 28 2b 6b 29 29 67 5b 6b 5d 3d 0a 68 5b 6b 5d 3b 65 6c 73 65 7b 76 61 72 20 6c 3d 68 5b 6b 5d 3b 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 6c 29 26 26 28 41 28
                                                                                              Data Ascii: =Ma?a.toJSON():Ja(a)},Oa=function(a){a=C?a.J:Ka(a.J,Na,void 0,void 0,!1);var b=!C,c=a.length;if(c){var d=a[c-1],e=wa(d);e?c--:d=void 0;var f=a;if(e){b:{var h=d;var g={};e=!1;if(h)for(var k in h)if(isNaN(+k))g[k]=h[k];else{var l=h[k];Array.isArray(l)&&(A(
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 30 3b 63 3c 62 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 53 61 5b 62 5b 63 5d 5d 3b 74 79 70 65 6f 66 20 64 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 64 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 21 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 44 28 64 2e 70 72 6f 74 6f 74 79 70 65 2c 61 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 54 61 28 51 61 28 74 68 69 73 29 29 7d 7d 29 7d 72 65 74 75 72 6e 20 61 7d 29 3b 0a 76 61 72 20 54 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 7b 6e 65 78 74 3a 61 7d 3b 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20
                                                                                              Data Ascii: 0;c<b.length;c++){var d=Sa[b[c]];typeof d==="function"&&typeof d.prototype[a]!="function"&&D(d.prototype,a,{configurable:!0,writable:!0,value:function(){return Ta(Qa(this))}})}return a});var Ta=function(a){a={next:a};a[Symbol.iterator]=function(){return
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 2c 6c 29 7b 69 66 28 21 63 28 6b 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 69 22 29 3b 64 28 6b 29 3b 69 66 28 21 47 28 6b 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 6a 60 22 2b 6b 29 3b 6b 5b 66 5d 5b 74 68 69 73 2e 67 5d 3d 6c 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 67 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 20 63 28 6b 29 26 26 47 28 6b 2c 66 29 3f 6b 5b 66 5d 5b 74 68 69 73 2e 67 5d 3a 76 6f 69 64 20 30 7d 3b 67 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 20 63 28 6b 29 26 26 47 28 6b 2c 66 29 26 26 47 28 6b 5b 66 5d 2c 74 68 69 73 2e 67 29 7d 3b 67 2e 70 72 6f 74
                                                                                              Data Ascii: totype.set=function(k,l){if(!c(k))throw Error("i");d(k);if(!G(k,f))throw Error("j`"+k);k[f][this.g]=l;return this};g.prototype.get=function(k){return c(k)&&G(k,f)?k[f][this.g]:void 0};g.prototype.has=function(k){return c(k)&&G(k,f)&&G(k[f],this.g)};g.prot
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 3b 76 61 72 20 64 3d 66 75 6e 63 74 69 6f 6e 28 67 2c 6b 29 7b 76 61 72 20 6c 3d 6b 26 26 74 79 70 65 6f 66 20 6b 3b 6c 3d 3d 22 6f 62 6a 65 63 74 22 7c 7c 6c 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 62 2e 68 61 73 28 6b 29 3f 6c 3d 62 2e 67 65 74 28 6b 29 3a 28 6c 3d 22 22 2b 20 2b 2b 68 2c 62 2e 73 65 74 28 6b 2c 6c 29 29 3a 6c 3d 22 70 5f 22 2b 6b 3b 76 61 72 20 6d 3d 67 5b 30 5d 5b 6c 5d 3b 69 66 28 6d 26 26 47 28 67 5b 30 5d 2c 6c 29 29 66 6f 72 28 67 3d 30 3b 67 3c 6d 2e 6c 65 6e 67 74 68 3b 67 2b 2b 29 7b 76 61 72 20 71 3d 6d 5b 67 5d 3b 69 66 28 6b 21 3d 3d 6b 26 26 71 2e 6b 65 79 21 3d 3d 71 2e 6b 65 79 7c 7c 6b 3d 3d 3d 71 2e 6b 65 79 29 72 65 74 75 72 6e 7b 69 64 3a 6c 2c 6c 69 73 74 3a 6d 2c 69 6e 64 65 78 3a 67 2c 6c 3a 71 7d 7d 72 65 74 75 72
                                                                                              Data Ascii: ;var d=function(g,k){var l=k&&typeof k;l=="object"||l=="function"?b.has(k)?l=b.get(k):(l=""+ ++h,b.set(k,l)):l="p_"+k;var m=g[0][l];if(m&&G(g[0],l))for(g=0;g<m.length;g++){var q=m[g];if(k!==k&&q.key!==q.key||k===q.key)return{id:l,list:m,index:g,l:q}}retur
                                                                                              2024-09-05 12:31:17 UTC1962INData Raw: 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 61 2e 63 61 6c 6c 2e 61 70 70 6c 79 28 61 2e 62 69 6e 64 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 68 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 61 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29 3b 69 66 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 29 7b 76 61 72 20 64 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 2c 32 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 3b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 75 6e 73 68 69 66 74 2e 61 70 70 6c 79 28 65 2c 64 29 3b 72 65 74 75 72
                                                                                              Data Ascii: ,b,c){return a.call.apply(a.bind,arguments)},hb=function(a,b,c){if(!a)throw Error();if(arguments.length>2){var d=Array.prototype.slice.call(arguments,2);return function(){var e=Array.prototype.slice.call(arguments);Array.prototype.unshift.apply(e,d);retur
                                                                                              2024-09-05 12:31:18 UTC1962INData Raw: 65 22 2c 66 69 6c 65 4e 61 6d 65 3a 62 2c 73 74 61 63 6b 3a 22 4e 6f 74 20 61 76 61 69 6c 61 62 6c 65 22 7d 3b 76 61 72 20 63 3d 21 31 3b 74 72 79 7b 76 61 72 20 64 3d 61 2e 6c 69 6e 65 4e 75 6d 62 65 72 7c 7c 61 2e 6c 69 6e 65 7c 7c 22 4e 6f 74 20 61 76 61 69 6c 61 62 6c 65 22 7d 63 61 74 63 68 28 66 29 7b 64 3d 22 4e 6f 74 20 61 76 61 69 6c 61 62 6c 65 22 2c 63 3d 21 30 7d 74 72 79 7b 76 61 72 20 65 3d 61 2e 66 69 6c 65 4e 61 6d 65 7c 7c 0a 61 2e 66 69 6c 65 6e 61 6d 65 7c 7c 61 2e 73 6f 75 72 63 65 55 52 4c 7c 7c 72 2e 24 67 6f 6f 67 44 65 62 75 67 46 6e 61 6d 65 7c 7c 62 7d 63 61 74 63 68 28 66 29 7b 65 3d 22 4e 6f 74 20 61 76 61 69 6c 61 62 6c 65 22 2c 63 3d 21 30 7d 62 3d 6e 62 28 61 29 3b 72 65 74 75 72 6e 21 63 26 26 61 2e 6c 69 6e 65 4e 75 6d 62
                                                                                              Data Ascii: e",fileName:b,stack:"Not available"};var c=!1;try{var d=a.lineNumber||a.line||"Not available"}catch(f){d="Not available",c=!0}try{var e=a.fileName||a.filename||a.sourceURL||r.$googDebugFname||b}catch(f){e="Not available",c=!0}b=nb(a);return!c&&a.lineNumb
                                                                                              2024-09-05 12:31:18 UTC1962INData Raw: 72 20 62 3d 2f 66 75 6e 63 74 69 6f 6e 5c 73 2b 28 5b 5e 5c 28 5d 2b 29 2f 6d 2e 65 78 65 63 28 61 29 3b 4a 5b 61 5d 3d 62 3f 62 5b 31 5d 3a 22 5b 41 6e 6f 6e 79 6d 6f 75 73 5d 22 7d 72 65 74 75 72 6e 20 4a 5b 61 5d 7d 2c 4a 3d 7b 7d 3b 76 61 72 20 74 62 3d 52 65 67 45 78 70 28 22 5e 28 3f 3a 28 5b 5e 3a 2f 3f 23 2e 5d 2b 29 3a 29 3f 28 3f 3a 2f 2f 28 3f 3a 28 5b 5e 5c 5c 5c 5c 2f 3f 23 5d 2a 29 40 29 3f 28 5b 5e 5c 5c 5c 5c 2f 3f 23 5d 2a 3f 29 28 3f 3a 3a 28 5b 30 2d 39 5d 2b 29 29 3f 28 3f 3d 5b 5c 5c 5c 5c 2f 3f 23 5d 7c 24 29 29 3f 28 5b 5e 3f 23 5d 2b 29 3f 28 3f 3a 5c 5c 3f 28 5b 5e 23 5d 2a 29 29 3f 28 3f 3a 23 28 5b 5c 5c 73 5c 5c 53 5d 2a 29 29 3f 24 22 29 2c 75 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 21 62 29 72 65 74 75 72 6e
                                                                                              Data Ascii: r b=/function\s+([^\(]+)/m.exec(a);J[a]=b?b[1]:"[Anonymous]"}return J[a]},J={};var tb=RegExp("^(?:([^:/?#.]+):)?(?://(?:([^\\\\/?#]*)@)?([^\\\\/?#]*?)(?::([0-9]+))?(?=[\\\\/?#]|$))?([^?#]+)?(?:\\?([^#]*))?(?:#([\\s\\S]*))?$"),ub=function(a,b){if(!b)return


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              7192.168.2.5497442.18.97.153443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: */*
                                                                                              Accept-Encoding: identity
                                                                                              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                              Range: bytes=0-2147483646
                                                                                              User-Agent: Microsoft BITS/7.8
                                                                                              Host: fs.microsoft.com
                                                                                              2024-09-05 12:31:18 UTC535INHTTP/1.1 200 OK
                                                                                              Content-Type: application/octet-stream
                                                                                              Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                              ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                              ApiVersion: Distribute 1.1
                                                                                              Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                              X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                                                                              Cache-Control: public, max-age=101696
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Content-Length: 55
                                                                                              Connection: close
                                                                                              X-CID: 2
                                                                                              2024-09-05 12:31:18 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                              Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              8192.168.2.549749142.250.65.1744437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC561OUTOPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                              Host: play.google.com
                                                                                              Connection: keep-alive
                                                                                              Accept: */*
                                                                                              Access-Control-Request-Method: POST
                                                                                              Access-Control-Request-Headers: x-goog-authuser
                                                                                              Origin: https://accounts.google.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Site: same-site
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://accounts.google.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:18 UTC520INHTTP/1.1 200 OK
                                                                                              Access-Control-Allow-Origin: https://accounts.google.com
                                                                                              Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                              Access-Control-Max-Age: 86400
                                                                                              Access-Control-Allow-Credentials: true
                                                                                              Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
                                                                                              Content-Type: text/plain; charset=UTF-8
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Server: Playlog
                                                                                              Content-Length: 0
                                                                                              X-XSS-Protection: 0
                                                                                              X-Frame-Options: SAMEORIGIN
                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                              Connection: close


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              9192.168.2.549750142.250.65.1744437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC561OUTOPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                              Host: play.google.com
                                                                                              Connection: keep-alive
                                                                                              Accept: */*
                                                                                              Access-Control-Request-Method: POST
                                                                                              Access-Control-Request-Headers: x-goog-authuser
                                                                                              Origin: https://accounts.google.com
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                              Sec-Fetch-Mode: cors
                                                                                              Sec-Fetch-Site: same-site
                                                                                              Sec-Fetch-Dest: empty
                                                                                              Referer: https://accounts.google.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:18 UTC520INHTTP/1.1 200 OK
                                                                                              Access-Control-Allow-Origin: https://accounts.google.com
                                                                                              Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                              Access-Control-Max-Age: 86400
                                                                                              Access-Control-Allow-Credentials: true
                                                                                              Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
                                                                                              Content-Type: text/plain; charset=UTF-8
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Server: Playlog
                                                                                              Content-Length: 0
                                                                                              X-XSS-Protection: 0
                                                                                              X-Frame-Options: SAMEORIGIN
                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                              Connection: close


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              10192.168.2.54974713.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC711OUTGET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Edge-Asset-Group: EntityExtractionDomainsConfig
                                                                                              Sec-Mesh-Client-Edge-Version: 117.0.2045.47
                                                                                              Sec-Mesh-Client-Edge-Channel: stable
                                                                                              Sec-Mesh-Client-OS: Windows
                                                                                              Sec-Mesh-Client-OS-Version: 10.0.19045
                                                                                              Sec-Mesh-Client-Arch: x86_64
                                                                                              Sec-Mesh-Client-WebView: 0
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:18 UTC583INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Content-Type: application/octet-stream
                                                                                              Content-Length: 70207
                                                                                              Connection: close
                                                                                              Content-Encoding: gzip
                                                                                              Last-Modified: Fri, 02 Aug 2024 18:10:35 GMT
                                                                                              ETag: 0x8DCB31E67C22927
                                                                                              x-ms-request-id: ed2d6e16-301e-006f-0748-ffc0d3000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123118Z-16579567576ztstdfgdnkw0mpw0000000cdg00000000nh54
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              X-Cache-Info: L1_T2
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:18 UTC15801INData Raw: 1f 8b 08 08 1a 21 ad 66 02 ff 61 73 73 65 74 00 ec bd 0b 97 db 36 b2 30 f8 57 b2 b9 33 b3 dd 89 d5 d6 5b dd d9 cd fa f4 d3 f1 f8 39 6d 3b 19 db f1 d5 01 49 48 a2 45 91 0c 1f 6a ab c3 be bf 7d 0b 05 80 00 08 50 52 db ce 77 ef b7 67 67 9c 16 09 14 0a 40 a1 50 a8 2a 14 c0 3f bf f7 93 78 16 ce bf ff e9 bb 3f bf 2f 92 25 8d a7 51 b8 0a 0b 78 ef 8d bb dd 07 df 7d 9f 92 39 9d fa 65 91 cc 66 90 38 1c f4 59 62 40 67 a4 8c 8a 69 94 f8 24 a2 d3 15 49 11 81 c7 f0 c0 df 0e 3c 00 94 97 e3 6b de f1 08 7b a5 11 7b a5 51 67 9e e1 6b 8c af 71 a7 cc f1 15 81 69 de 59 7d c6 d7 02 5f 8b 0e a5 ec d5 c7 5c 3f ef f8 b7 ec 35 20 ec 35 20 9d 60 89 af 14 5f 69 27 40 e0 19 e6 ce 48 27 c4 8a 66 21 be 86 1d 78 60 af 19 be 66 9d 19 e6 2e b0 ec 82 76 c2 08 5f 31 77 91 75 16 3c b7 c4 d7
                                                                                              Data Ascii: !fasset60W3[9m;IHEj}PRwgg@P*?x?/%Qx}9ef8Yb@gi$I<k{{QgkqiY}_\?5 5 `_i'@H'f!x`f.v_1wu<
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 4a b0 09 cb 82 45 ac c5 f3 e8 07 bb 82 71 ba da 2a 0b c7 62 2c 30 96 c2 52 09 74 65 c0 2a 8a c3 88 95 9c 7c 3e a9 79 09 d4 fa 9a 9f 30 4a 49 28 2b d7 97 ff 7a 7b f9 fa cd f4 c9 05 68 2b 37 9c c1 08 01 cb 2f 28 f3 02 34 de 08 0c a6 34 da 38 c6 ec 48 27 33 28 96 9f 45 d9 4f 9f 12 f7 54 d2 47 a6 39 87 08 81 e9 6d 4f c1 43 97 10 bf ad 59 55 67 39 13 fe 1e 05 67 65 16 87 6c 9b f5 cb 90 60 eb 3d ea 25 09 33 8b f9 4a fb 10 ef 11 3b 7c e8 61 60 14 a0 60 b9 7c 16 e7 69 54 b1 c3 22 c0 e0 29 df c2 05 4c 8f bc f0 67 5e 04 75 33 51 9a b7 e1 61 1a 61 48 f5 c3 30 f7 62 91 d5 a8 34 39 2a 97 ff 2d f5 aa c1 c2 6c 78 e0 35 33 d1 42 b3 75 c4 be 3b f4 d0 68 83 51 a7 81 2d a0 ff 0d 5d 10 62 ed 7f 55 a5 99 9f 25 2b 2f a4 4d 09 21 65 43 c7 04 cf 93 19 f3 c1 d0 b6 e9 14 38 59 31
                                                                                              Data Ascii: JEq*b,0Rte*|>y0JI(+z{h+7/(448H'3(EOTG9mOCYUg9gel`=%3J;|a``|iT")Lg^u3QaaH0b49*-lx53Bu;hQ-]bU%+/M!eC8Y1
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 2f 4d 35 19 b9 3f d5 c1 f4 52 a7 67 b3 99 ff bc b7 c2 8e 7c d3 4d 9a a5 bf dc f0 20 15 b1 bc 1f 82 9a 8d 98 a7 af db 80 6b 74 e7 ab 7c e6 18 7d 9a 2b 3e 34 2d 1a e7 c0 d5 e8 b4 a0 0e d4 7d 19 bb 69 52 58 a2 33 32 78 db 4b 2d cd 54 dd d2 2b 9c a0 29 69 1a ba 4a ee 0a 4d 33 5a 7b a7 1a 83 5f f3 f7 fe 2c 2f 84 3b 39 d0 56 82 ef 75 a4 f3 69 57 af 58 09 8c 2a 1d 24 b9 4e 6b cf 63 d0 74 99 e3 02 0f 26 7f 1a 86 a9 a8 69 fa 5a d8 25 83 c1 ea f8 fd 12 62 16 86 38 17 5a 19 6f 13 03 00 e6 6a 07 a4 40 be bb 20 de a6 de bf d1 06 75 32 1f c3 4f 67 41 ad 31 bd b0 9c ee 44 47 33 2a 92 9c d3 f6 35 64 a9 b1 d3 f6 b1 c7 a7 b4 80 af ea c1 2a 6c dd 81 a0 0b 67 ca d2 b2 11 7c 8d dc 39 47 56 d1 bd 08 e8 ec 3e 4f c9 56 d6 7a d3 9a 56 4d 17 50 41 9b 17 9b 37 36 da 2e 7c a4 ba 63
                                                                                              Data Ascii: /M5?Rg|M kt|}+>4-}iRX32xK-T+)iJM3Z{_,/;9VuiWX*$Nkct&iZ%b8Zoj@ u2OgA1DG3*5d*lg|9GV>OVzVMPA76.|c
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 99 dc 5a 2e 69 cf 52 41 9e 48 c8 71 d7 39 94 dd f7 b6 3f 2a 48 d1 b5 2e 37 a4 97 5f 43 54 c9 8d d7 76 7a 14 e4 6f 3b 80 f7 6a 61 e8 6f 47 e9 2d cb 60 84 66 2b c0 b9 77 09 1b c0 32 5c aa 6c 0e 25 81 ed a0 5e 61 25 37 6f 3c a5 bc 1f 04 1a dd b1 04 1d c9 73 16 3a 58 a8 69 4d 12 c1 5e e9 66 5f 14 6c e4 9e d4 61 25 e1 2f c3 fc b8 ed df 80 5d 2b 3a 5b 4c 56 c9 72 1f 59 1d 6a 72 0b d2 b0 4c 8e d5 67 db 16 79 41 90 65 4f 4b 68 63 f6 d1 e5 db b6 6a 18 e6 ca 5f 04 79 2e 71 69 5d 0e 19 cc d9 f6 58 27 58 af 1c 18 04 f1 98 d2 bf 15 1e 37 ce e0 1e 88 54 83 3c 82 f8 a8 05 5f b0 1b 3f 2f 02 8f 31 a4 e9 1d ed 45 e6 e4 85 e6 b9 66 4c fd cd 8d e4 58 f7 79 73 8b 47 40 25 b6 0d 7f 78 ff a8 fe e7 7d 69 4a fc 00 c7 b0 37 a9 44 f0 40 1e e8 bd 41 8a b4 0a 5d 5a 2c 0e 60 f7 fb 81
                                                                                              Data Ascii: Z.iRAHq9?*H.7_CTvzo;jaoG-`f+w2\l%^a%7o<s:XiM^f_la%/]+:[LVrYjrLgyAeOKhcj_y.qi]X'X7T<_?/1EfLXysG@%x}iJ7D@A]Z,`
                                                                                              2024-09-05 12:31:18 UTC5254INData Raw: 29 50 5f 50 34 9a d3 9a 2a 83 ab 27 93 58 c5 2b d2 9c af 2b 4e 0f 79 ac a9 56 57 20 b1 61 ca d2 f5 ed 38 df 10 b9 60 88 4c 48 ac b1 cd 10 b5 8f 76 49 19 f2 b6 d5 54 1d d1 9c b1 20 7a d3 64 f7 91 a2 0c 4d 73 6d e0 da be ee e6 87 03 9f 5e f7 4f 98 9c 12 cd 88 68 4c 2e b1 48 00 60 c3 31 74 31 8d 87 b4 32 56 02 4f bf e1 a9 3b c0 40 d6 24 8e 10 55 c7 c3 e7 8c f3 78 28 78 d3 94 de b0 5a 4d 22 eb 28 5c 22 00 98 8e 15 1a f8 ab ac 54 f4 5d 80 d0 a5 aa 6e 87 83 fd d6 f1 b0 c0 82 f7 f4 5e ef 2f 2b b8 62 a2 13 a1 4d ae 60 cf 59 3c b1 b1 f4 40 4d 41 74 7c ac 2c 5a 9e ef f4 d2 81 6d 69 e1 d3 8b 73 2c 84 2c 06 37 fd 72 38 10 a5 b2 13 51 f1 a0 a2 06 7d 3f 89 8f 72 35 a0 58 a0 46 79 2f b7 1f cc 57 92 ec c8 b4 b5 f2 5c 65 e7 30 5a 93 e3 b1 8e 5f f5 91 44 87 44 19 1d 59 83
                                                                                              Data Ascii: )P_P4*'X++NyVW a8`LHvIT zdMsm^OhL.H`1t12VO;@$Ux(xZM"(\"T]n^/+bM`Y<@MAt|,Zmis,,7r8Q}?r5XFy/W\e0Z_DDY


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              11192.168.2.54974813.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC470OUTGET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Edge-Asset-Group: Shoreline
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:18 UTC577INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Content-Type: application/octet-stream
                                                                                              Content-Length: 306698
                                                                                              Connection: close
                                                                                              Content-Encoding: gzip
                                                                                              Last-Modified: Tue, 10 Oct 2023 17:24:31 GMT
                                                                                              ETag: 0x8DBC9B5C40EBFF4
                                                                                              x-ms-request-id: a05cbbc2-a01e-0025-3785-fef0b4000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123118Z-16579567576rhxz5kgqdm3tfq00000000cfg00000000afvw
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                              X-Cache-Info: L1_T2
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:18 UTC15807INData Raw: 1f 8b 08 08 cf 88 25 65 02 ff 61 73 73 65 74 00 ec 7d 69 93 db 46 92 e8 5f a9 f0 97 fd e0 96 05 10 00 09 4c c4 8b 17 2d f9 92 6d f9 92 6d 8d fd 66 43 51 00 0a 24 9a 20 40 e1 60 ab 7b 76 fe fb ab cc 2c 10 09 82 07 c8 a6 bc 9e 8d 0d 5b 68 b0 8e bc eb 44 55 e6 3f 3f 59 c9 3c 4d 54 55 bf db a8 b2 4a 8b fc 93 bf 89 4f dc cf ac cf ac 4f 6e c4 27 8b 26 7c 27 d7 eb 4a 27 fe bf 7f 7e 92 c6 90 19 c5 ee d4 f7 65 f0 4c f9 be ff cc f5 95 7c 26 63 df 7e 36 9b da 81 13 7b d3 d0 0e 15 d4 cd e5 4a 41 f9 77 ef 5e bf f9 ea 1d fc 7a f7 0e d2 19 1e fb 33 fd df 0c 12 63 55 45 65 ba ae 4d 06 d5 61 89 54 75 a9 1e 20 f7 f5 ab 57 2f 5e dd dd 7e ff 62 be 7c bf 58 a6 5f 05 f7 d6 8b db 9f be f8 f2 f6 f6 87 97 b7 3f f9 b7 90 ff 72 fe ad 7e ff e2 76 9d 58 77 ee 57 8b 1f de ff 14 f9 fe
                                                                                              Data Ascii: %easset}iF_L-mmfCQ$ @`{v,[hDU??Y<MTUJOOn'&|'J'~eL|&c~6{JAw^z3cUEeMaTu W/^~b|X_?r~vXwW
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 04 ba b8 75 26 ce 55 c2 08 bf 5c 90 e7 68 0d 8c 7c 07 bb 14 ee 07 cf ac 5b ca 81 54 5b 25 f6 36 51 93 15 e8 c2 2b 22 50 fc 52 36 6d 55 35 59 19 67 e4 56 be d8 2d df fd 8c 1c b1 48 e9 85 d8 d5 6f a1 88 16 05 b8 ea d5 42 20 2f c6 fa c5 ab 21 ae b4 7e 71 4c 7c 69 3b da be 2c c4 3c 45 31 58 f6 5a d0 75 29 2d 10 91 2f b6 81 a8 f1 77 27 4d cb 46 c3 d1 f2 cb e7 17 7d 3c d0 6a 30 b1 ed 19 11 24 85 30 ed b3 77 98 0a a3 d3 4d 8a a4 58 a6 1a 92 6f 39 a0 66 5b a9 58 c4 f8 d7 db 13 a4 38 9f 53 18 72 e3 d6 58 c9 9c 2a 85 f1 21 3d 9d 12 35 51 d6 f4 74 9e 6e f9 3a 6f 4c fc e5 2c 53 f9 7a 94 a9 7c 50 ab 8e d8 56 01 86 95 11 92 ce 4d 82 a9 12 26 c6 7f 9c 55 b4 0d eb a8 c4 4f 75 f1 df 12 7e 7b 85 2d 18 bd 99 6f 4d 95 18 8d 35 7f b9 51 da bc b3 17 f2 61 66 41 16 70 9d 0a 0c
                                                                                              Data Ascii: u&U\h|[T[%6Q+"PR6mU5YgV-HoB /!~qL|i;,<E1XZu)-/w'MF}<j0$0wMXo9f[X8SrX*!=5Qtn:oL,Sz|PVM&UOu~{-oM5QafAp
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: b7 2c 9c d4 28 cd 82 09 ad 54 24 d2 ae 26 b9 4f 37 c4 67 1e 9d 6b d1 e4 03 44 91 0f c7 24 3e 9c a5 f8 80 ce e1 c3 bd 55 1f 7c 0d 7d f0 d6 f4 e1 f6 6d f9 6c 42 78 a7 7a 8f cf 80 2a 42 b1 ca af 46 95 01 06 85 53 be 7a 50 c8 12 ce 7e 7c 44 29 29 63 83 14 66 50 e5 69 9e ba 94 a2 14 a9 44 53 56 22 78 06 d0 d3 7d 25 3d 51 7e fc 63 e8 77 69 11 9c 24 cb 92 42 e9 e0 d4 ac cc c6 c2 0a 92 55 72 f4 61 88 91 31 1f 4c 69 b4 9b 0f a5 64 32 91 6a 99 5a 87 05 9b b8 18 4d b6 69 0c 05 60 46 80 c2 34 75 85 d5 88 cf a4 31 10 78 28 99 44 01 7e 6d 51 37 26 3d f1 aa c8 64 77 98 90 c3 4a 88 b9 d5 8c 73 bc 9b 5c 69 65 23 a6 fb 16 9b 26 25 05 ac fc cc 1e 87 56 e3 bd 7f 86 8d d9 de 4d 93 29 aa 7c fe d1 06 5b da c5 90 55 b0 c9 33 35 1b d9 51 ad b2 ea c6 9a c4 a2 90 04 54 de 86 42 2d
                                                                                              Data Ascii: ,(T$&O7gkD$>U|}mlBxz*BFSzP~|D))cfPiDSV"x}%=Q~cwi$BUra1Lid2jZMi`F4u1x(D~mQ7&=dwJs\ie#&%VM)|[U35QTB-
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 2a 42 7f 7e 14 be 1b ef d2 39 b9 d3 a0 0f a6 db fd c0 cf 6a 73 b5 e6 a0 67 39 bd 50 cf ce e5 f5 33 b4 5b f6 96 18 f6 1d 3d 5b 1c 62 ee 08 9c b4 27 31 5c bf 95 0d 07 a0 cf bc bf ec e9 f3 e3 25 7d d1 cd 7e e8 fe 69 3f 94 32 74 6d 41 40 30 f4 9d 21 ef 18 ab 09 e0 e5 30 bf 56 97 43 99 8d fb 5c b1 3a 15 2a 0c 9d 5f c9 d3 47 70 60 b0 6e 17 9c 16 bc 33 94 8f dc 87 1c 2e 65 5f 80 b0 c7 e2 bb 6a f4 3b c8 60 00 83 b2 83 02 16 e1 3f 69 68 e4 62 45 17 99 ba 9d 9d b7 00 7d 2a 5a 5f 88 af 8b 22 5d 84 79 61 b8 38 c9 2f d4 62 3c 2f ee 0a 38 04 98 69 d8 af 45 cf 43 a8 9b 3e 6e dd 69 b8 01 0b 4d c5 2a d4 d8 5d 7a b1 5f 94 d0 5d 79 e7 c9 87 c6 d5 b9 5d 89 1b 44 f3 5a 14 67 85 e9 1a ef c2 74 b9 63 86 3e c2 71 a7 08 94 eb 44 58 ad 1a 5c 09 02 5c 4d 1b c8 2c 53 c1 71 b8 50 80
                                                                                              Data Ascii: *B~9jsg9P3[=[b'1\%}~i?2tmA@0!0VC\:*_Gp`n3.e_j;`?ihbE}*Z_"]ya8/b</8iEC>niM*]z_]y]DZgtc>qDX\\M,SqP
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: c2 6b ad 8a 70 f5 34 6b b8 40 3f ab 6c ff 6b b9 2f c1 49 79 7f 7f fe e2 4d 8e 52 97 9f 5c d2 a4 d2 9b 7f 21 19 ca ff db 31 e3 e4 f2 51 b8 7c 74 b3 4c aa e5 59 09 49 a3 cf 51 d6 87 a5 4c 6d 23 e7 30 3b 3e ce a2 ff dd d2 a2 4d 1f 0e 14 fd d7 52 7f fd 1c ea cf 13 55 dc a3 6d 85 4b 4e 63 b4 12 03 65 33 26 36 bd 72 f4 19 04 1a d9 86 f6 84 1c dd 9e ee 21 e8 65 4d aa 2f f0 f8 0a fb d1 85 1e 53 4d 3f 5f a5 fc d4 0d f8 28 79 f7 b1 c1 a5 fc 51 df bc 30 df bf cb 6f cb 2a 09 d7 1f 99 f4 19 6a 7e d9 a5 f8 7e 7b c5 59 31 55 b2 99 9f 7d 02 06 e8 6e c6 98 ec a9 7c 3f 2a 1d 34 e5 bd 0a 8f e7 88 3e 74 c3 0b e7 6b 10 2c 4f 53 5d 7c 86 e2 09 77 99 7d ee 02 3a 9d f3 a7 29 a2 13 79 ee 15 d2 a7 37 fd 67 b6 f7 67 33 72 df b2 23 59 ef 55 5d e5 6f cb 55 7e 43 6c b7 99 fc 2e 56 9e
                                                                                              Data Ascii: kp4k@?lk/IyMR\!1Q|tLYIQLm#0;>MRUmKNce3&6r!eM/SM?_(yQ0o*j~~{Y1U}n|?*4>tk,OS]|w}:)y7gg3r#YU]oU~Cl.V
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 1d c0 e5 f5 0e 81 86 cd d1 7b 9c 8b 16 07 4d 31 65 8e 49 77 c3 9c 0b 06 79 cd 66 e0 72 84 3b 54 b9 74 ef 35 53 7d 3b 8c b0 a9 fd 1b 50 a9 de 74 45 72 7e 1b f0 2a c4 ee 75 56 a9 f1 4f 0b e2 ef 4c 0e 04 e6 c1 13 43 d1 a3 91 83 19 d3 3d c4 08 0f b5 d5 e1 f0 41 7b 02 cf 94 80 35 8c 5f 5f 02 90 85 fa 86 bb ab e1 02 93 a8 c3 01 b8 10 ce 1a 84 70 ba 2a 74 48 e2 74 7c 83 87 f5 42 38 70 15 c2 ce 65 08 08 86 a0 47 21 98 5b b8 58 62 21 c8 96 0d 6c 09 61 e7 32 c4 b3 5e a1 8d a0 20 7d 39 b0 28 5c c6 6d 21 84 b7 80 4c dc 70 c4 2e c4 f3 19 21 9c 8e d6 1f 96 d8 f4 9d 32 40 37 a4 47 84 1e d1 c7 65 89 5f 63 82 1d d4 5a 86 2d e5 f8 15 59 45 61 ea 67 ab 2d d9 61 85 e3 91 0f 94 e7 67 25 02 3d 4f 28 55 ad 17 c6 a0 29 6a 5d 21 2a cd 7e af 45 5e 0b 01 e5 6c bb ed 07 fa bc 5c f7
                                                                                              Data Ascii: {M1eIwyfr;Tt5S};PtEr~*uVOLC=A{5__p*tHt|B8peG![Xb!la2^ }9(\m!Lp.!2@7Ge_cZ-YEag-ag%=O(U)j]!*~E^l\
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: b4 4f 20 01 c9 6e d7 8b d6 eb 26 ee 09 6d 06 c3 c0 20 42 f6 62 01 a8 b8 2e 41 68 d5 3e af 78 77 09 5e a1 a8 7e 3d bf 65 90 da ff 6d 58 c3 e3 86 29 f6 22 00 98 2a 9c 68 97 65 63 ac 5c ad 09 2b 23 82 8f 3f 2b 34 4c 1f 01 76 0d 06 ed 44 0f a9 a0 b1 63 30 c2 0d f2 ad 15 f9 9d a6 73 4a 64 c6 38 b2 91 d1 0a 38 ec f1 61 a5 51 a1 65 d6 96 da 34 5b b9 be df 70 92 06 98 c1 37 67 b8 7a fd 34 cd 5e 44 c0 aa b0 27 6e 0c f2 e2 f9 5e 7c 0a 17 b4 b4 16 73 66 52 b2 05 40 56 84 20 c3 90 88 0a 5a 8e f1 3d 96 59 b7 5f a7 63 31 3c 17 3a a9 04 30 4b 80 0e 09 8b 60 e1 5d df da 55 e1 6d 20 56 de 3a 5a 4e 4e 36 25 71 5c 12 7e f1 93 97 31 94 a1 29 89 f2 0a 40 a9 02 bf 55 03 2f 98 74 5f 78 73 cb c5 29 4c e9 ad ef d3 e0 e9 ec 15 b9 9a 03 cf 91 db 7e f5 f0 08 3e bd 4a a1 b3 a7 63 d1
                                                                                              Data Ascii: O n&m Bb.Ah>xw^~=emX)"*hec\+#?+4LvDc0sJd88aQe4[p7gz4^D'n^|sfR@V Z=Y_c1<:0K`]Um V:ZNN6%q\~1)@U/t_xs)L~>Jc
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: e6 2c b7 a9 5c 69 a3 75 af d9 ba f6 11 ea 58 64 70 1a 03 5a 75 5c b5 f2 6d d4 e3 16 ed 7d 0a 76 94 c1 8e a7 30 9e 08 64 07 27 9d 18 c0 52 7d e4 67 ff 5d dd ba 83 b1 dc 5d 98 95 9f fd f7 4f 5a 26 c7 8a 7a a4 2b 67 ea ac d1 ee 4b f3 ee 5b 7c 55 87 5f ce 64 5a d1 d6 85 f4 9d 84 43 1d a5 d1 4e 33 c2 52 b6 ac ef d9 7f de 15 61 44 a2 b6 4f fe 03 39 27 95 29 d1 71 16 47 ff 7e 40 2f ff 09 6e 49 c5 ba 2c 58 72 fd b4 fc 2b 2f d4 a3 80 7f e2 4e fd ca 3b f8 f4 09 87 9a 38 33 24 7f 45 a2 7e d3 4f 4e 87 8c cb 8b 02 7f df 7f ff 57 75 a1 22 3d 51 a9 78 41 7d 1b c5 f8 9b d0 7f 72 fc 7d ff 85 6a 70 ab 5e dc aa 41 ca 56 bd b0 55 00 76 02 c7 a0 ea 57 7d b2 c3 fb 0a b5 58 bd 1f ab f6 63 d5 ec bd 82 b3 c7 5f d5 89 ed 15 3f f6 0a e5 7d 86 bf 7b f2 4f 82 f3 1a ea 09 06 a9 c9 03
                                                                                              Data Ascii: ,\iuXdpZu\m}v0d'R}g]]OZ&z+gK[|U_dZCN3RaDO9')qG~@/nI,Xr+/N;83$E~ONWu"=QxA}r}jp^AVUvW}Xc_?}{O
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 34 82 9b a9 e1 c3 b1 e1 46 87 99 95 55 9a b4 be 3b 59 b1 6b f9 9e 4a 6a 38 c3 9d 71 93 60 68 53 6d 70 93 f4 d8 cb 92 d6 1c 64 0c 55 29 d1 f7 86 61 3a 23 da d5 06 e4 b2 85 18 31 bb 0e 46 71 38 52 33 8f 24 f5 9e 43 1a 6d 32 5a be 90 91 0a d3 47 69 32 eb 74 ec 30 03 b3 0a 2f 45 60 14 c3 56 8c 9b d3 2c f6 4c cc 87 6e 54 d0 da 28 ed 5d 8d 3a 4d 4a aa f1 2e 74 2f 9f 56 e9 a4 49 86 4c 15 33 4f 70 79 ad 9c 27 57 fe 5f f1 b5 af dc 2b a5 7e 6a ff d6 06 bc 0c 5d f6 df fe e1 b9 f2 44 21 e0 ef 42 ef 50 c9 9d 6d c4 b7 e0 a2 c1 1c b4 2f 36 29 c7 0d cd c5 5f 01 b2 80 f3 b0 10 3b 89 01 c5 9d d8 7c 07 2e 18 db 27 d6 4f f2 63 9c b0 f6 f2 ae c9 8b 6c b2 c4 37 76 c1 ad 55 68 26 ab 9f 6e 0d f6 97 8b d0 7b ae f0 47 ed 5d 9f e5 af 8e d0 8d 25 c1 76 f1 dc 48 82 c0 c8 4e c8 12 40
                                                                                              Data Ascii: 4FU;YkJj8q`hSmpdU)a:#1Fq8R3$Cm2ZGi2t0/E`V,LnT(]:MJ.t/VIL3Opy'W_+~j]D!BPm/6)_;|.'Ocl7vUh&n{G]%vHN@
                                                                                              2024-09-05 12:31:18 UTC16384INData Raw: 14 85 b6 9f 56 47 3e e9 1b d3 5f a5 ac 50 c3 87 e4 2f 7d 48 49 98 d9 64 0e 08 ef 71 ff 50 b9 f3 86 37 4a 22 88 52 55 4a 91 92 53 0e 3c c2 3f 65 33 a3 28 fd 5a 9a 2e 91 76 ec f5 34 94 dc 1a 84 a2 be c1 0e 7a 8b 67 39 3e 58 c7 23 2c 7e 30 2a a9 04 8f 00 e5 ea b9 90 8e 19 22 31 4f 88 ac 1a 1f 76 bd 44 ab b4 23 ff 6a 0e 16 d3 4b 19 b1 5f 46 1a 8c 28 02 0b 82 4d 75 9f bc a7 ab d3 c0 ac 12 2c 1a e1 ca 61 62 a5 73 bf 90 ea 26 30 cc b6 60 ae a5 03 4b 60 ea 7c b9 bf 27 e4 0d 14 35 5a 3a 2d d3 09 b2 1d da a4 23 ee 1b c6 42 eb 6f 46 58 98 31 2d 33 81 d2 c7 b9 ea 4a e4 45 53 f8 1b 85 d6 9a f9 1c dd e5 4a cf 08 96 59 af e8 ce 28 b3 02 0e 0d ee 14 62 4a 58 2a 40 44 d3 12 5b 39 93 33 26 50 17 82 cc e2 88 1a 71 ab dd fe 3c 12 6a 79 40 5e 32 8d a6 25 53 15 5e 3f 60 3e a6
                                                                                              Data Ascii: VG>_P/}HIdqP7J"RUJS<?e3(Z.v4zg9>X#,~0*"1OvD#jK_F(Mu,abs&0`K`|'5Z:-#BoFX1-3JESJY(bJX*@D[93&Pq<jy@^2%S^?`>


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              12192.168.2.54973340.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:18 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 3592
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:18 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:19 UTC568INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:19 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C555_SN1
                                                                                              x-ms-request-id: a37e89b3-2312-4eda-9c13-0c32a6326a24
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002FA22 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:18 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 1276
                                                                                              2024-09-05 12:31:19 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              13192.168.2.549753142.251.35.1644437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:19 UTC881OUTGET /favicon.ico HTTP/1.1
                                                                                              Host: www.google.com
                                                                                              Connection: keep-alive
                                                                                              sec-ch-ua: "Not;A=Brand";v="8", "Chromium";v="117", "Google Chrome";v="117"
                                                                                              sec-ch-ua-mobile: ?0
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                              sec-ch-ua-arch: "x86"
                                                                                              sec-ch-ua-full-version: "117.0.5938.132"
                                                                                              sec-ch-ua-platform-version: "10.0.0"
                                                                                              sec-ch-ua-full-version-list: "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132", "Google Chrome";v="117.0.5938.132"
                                                                                              sec-ch-ua-bitness: "64"
                                                                                              sec-ch-ua-model: ""
                                                                                              sec-ch-ua-wow64: ?0
                                                                                              sec-ch-ua-platform: "Windows"
                                                                                              Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                              Sec-Fetch-Site: same-site
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: image
                                                                                              Referer: https://accounts.google.com/
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:19 UTC705INHTTP/1.1 200 OK
                                                                                              Accept-Ranges: bytes
                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                              Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
                                                                                              Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
                                                                                              Content-Length: 5430
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Server: sffe
                                                                                              X-XSS-Protection: 0
                                                                                              Date: Thu, 05 Sep 2024 11:55:59 GMT
                                                                                              Expires: Fri, 13 Sep 2024 11:55:59 GMT
                                                                                              Cache-Control: public, max-age=691200
                                                                                              Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
                                                                                              Content-Type: image/x-icon
                                                                                              Vary: Accept-Encoding
                                                                                              Age: 2120
                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                              Connection: close
                                                                                              2024-09-05 12:31:19 UTC685INData Raw: 00 00 01 00 02 00 10 10 00 00 01 00 20 00 68 04 00 00 26 00 00 00 20 20 00 00 01 00 20 00 a8 10 00 00 8e 04 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 30 fd fd fd 96 fd fd fd d8 fd fd fd f9 fd fd fd f9 fd fd fd d7 fd fd fd 94 fe fe fe 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd 99 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 95 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 09 fd fd fd c1 ff ff ff ff fa fd f9 ff b4 d9 a7 ff 76 ba 5d ff 58 ab 3a ff 58 aa 3a ff 72 b8 59 ff ac d5 9d ff f8 fb f6 ff ff
                                                                                              Data Ascii: h& ( 0.v]X:X:rY
                                                                                              2024-09-05 12:31:19 UTC1390INData Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d8 fd fd fd 99 ff ff ff ff 92 cf fb ff 37 52 ec ff 38 46 ea ff d0 d4 fa ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 96 fe fe fe 32 ff ff ff ff f9 f9 fe ff 56 62 ed ff 35 43 ea ff 3b 49 eb ff 95 9c f4 ff cf d2 fa ff d1 d4 fa ff 96 9d f4 ff 52 5e ed ff e1 e3 fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30 00 00 00 00 fd fd fd 9d ff ff ff ff e8 ea fd ff 58 63 ee ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 35 43 ea ff 6c 76 f0 ff ff ff ff ff ff ff ff ff fd fd fd 98 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd c3 ff ff ff ff f9 f9 fe ff a5 ac f6 ff 5d 69 ee ff 3c 4a
                                                                                              Data Ascii: 7R8F2Vb5C;IR^0Xc5C5C5C5C5C5Clv]i<J
                                                                                              2024-09-05 12:31:19 UTC1390INData Raw: ff ff ff ff ff ff ff ff ff ff ff fd fd fd d0 ff ff ff 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fd fd fd 8b ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff b1 d8 a3 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 60 a5 35 ff ca 8e 3e ff f9 c1 9f ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd 87 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 25 fd fd fd fb ff ff ff ff ff ff ff ff ff ff ff ff c2 e0 b7 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 53 a8 34 ff 6e b6 54 ff 9f ce 8d ff b7 da aa ff b8 db ab ff a5 d2 95 ff 7b bc 64 ff 54 a8 35 ff 53 a8 34 ff 77 a0 37 ff e3 89 41 ff f4 85 42 ff f4 85 42 ff
                                                                                              Data Ascii: S4S4S4S4S4S4S4S4S4S4S4S4S4S4`5>%S4S4S4S4S4S4nT{dT5S4w7ABB
                                                                                              2024-09-05 12:31:19 UTC1390INData Raw: ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff f4 85 42 ff fb d5 bf ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd ea fd fd fd cb ff ff ff ff ff ff ff ff ff ff ff ff 46 cd fc ff 05 bc fb ff 05 bc fb ff 05 bc fb ff 21 ae f9 ff fb fb ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd c8 fd fd fd 9c ff ff ff ff ff ff ff ff ff ff ff ff 86 df fd ff 05 bc fb ff 05 bc fb ff 15 93 f5 ff 34 49 eb ff b3 b8 f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                                                                                              Data Ascii: BBBBBBF!4I
                                                                                              2024-09-05 12:31:19 UTC575INData Raw: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd d2 fe fe fe 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 0a fd fd fd 8d fd fd fd fc ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd fd fd fb fd fd fd 8b fe fe fe 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe fe fe 27 fd fd fd 9f fd fd fd f7 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                                                                                              Data Ascii: $'


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              14192.168.2.54976013.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC438OUTGET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:20 UTC522INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1579
                                                                                              Connection: close
                                                                                              Last-Modified: Fri, 03 Nov 2023 21:43:08 GMT
                                                                                              ETag: 0x8DBDCB5DE99522A
                                                                                              x-ms-request-id: ad365aed-b01e-003a-593a-ff2ba4000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123120Z-16579567576h9nndaeer0cv35w0000000cb00000000043q5
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:20 UTC1579INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 c0 49 44 41 54 78 01 ed 58 4f 8b 5c 45 10 af 7a f3 66 66 15 c5 fd 00 42 66 f2 05 b2 22 c2 1e 54 d6 4f 90 15 c1 63 d8 e0 49 04 37 01 11 11 25 89 e0 d5 04 0f 1a f0 e0 e6 62 c4 cb 1e 44 50 21 b8 df 20 7b f0 4f 6e 1b 4f 8b 20 cc 7a 89 b3 ef 75 57 f9 ab ea 9e 37 cb 66 77 66 36 93 83 84 ad a4 d3 fd de eb 79 fd 7b bf fa 55 75 75 88 4e ed d4 9e 20 5b d9 dc ed 2d df de ed d1 63 34 a6 39 6c e5 fb c1 4a 54 39 2f 42 ab 22 d2 8b 91 54 a2 92 d4 91 63 90 6d 09 74 57 2a fd fc b7 77 9e df a6 47 b4 47 02 b8 f2 f3 60 29
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaIDATxXO\EzffBf"TOcI7%bDP! {OnO zuW7fwf6y{UuuN [-c49lJT9/B"TcmtW*wGG`)


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              15192.168.2.54975913.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC431OUTGET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:20 UTC515INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1966
                                                                                              Connection: close
                                                                                              Last-Modified: Fri, 03 Nov 2023 21:43:31 GMT
                                                                                              ETag: 0x8DBDCB5EC122A94
                                                                                              x-ms-request-id: 25350ece-301e-002b-08d4-fa1cbf000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123120Z-165795675762h26c6ze2t4q7600000000cbg00000000m1ps
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:20 UTC1966INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 07 43 49 44 41 54 78 01 ed 97 5b 68 5c 75 1e c7 7f ff 73 f9 9f 49 d2 49 4f da 98 b4 6a d7 d9 c5 16 bc b0 4e c1 bd c8 6e d8 99 07 1f 74 1f 9a e0 2a 15 77 d7 06 0b 82 0f d5 3c 54 10 1f 3a 41 d0 2a 8a 2d 55 29 68 4d 14 1f 6a d3 92 3c 28 58 45 92 fa d0 0a 82 8e 48 14 6a 6b 53 d0 b4 21 4d e7 cc 64 6e 67 ce cd ef ef 64 4e 48 ed c5 74 d2 e8 4b 7f c3 9f ff b9 cd 39 9f f3 fd ff 6e 87 e8 ba 2d cd c4 62 2f 1c 1a 1a 4a 29 8a b2 c9 f3 bc 44 10 04 3c c8 71 1c 0b fb 59 8c af 71 6e a4 b7 b7 d7 a2 6b 6c bf 0a 38 3c 3c fc
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaCIDATx[h\usIIOjNnt*w<T:A*-U)hMj<(XEHjkS!MdngdNHtK9n-b/J)D<qYqnkl8<<


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              16192.168.2.54976113.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC433OUTGET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:20 UTC536INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1751
                                                                                              Connection: close
                                                                                              Last-Modified: Tue, 17 Oct 2023 00:34:33 GMT
                                                                                              ETag: 0x8DBCEA8D5AACC85
                                                                                              x-ms-request-id: 1e6d2d82-a01e-0061-7c30-fe2cd8000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123120Z-165795675767jvm9z21nmtw4wn0000000c8g00000000498s
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                              X-Cache-Info: L1_T2
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:20 UTC1751INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 06 6c 49 44 41 54 78 01 ed 98 4d 6c 54 55 14 c7 cf 9d ce b4 52 09 42 85 b8 40 ed f3 23 44 37 0a b8 32 71 01 71 a1 89 1b dc 08 3b ab 0b 64 87 b8 30 84 10 3a c3 c2 a5 1a 57 b8 52 16 26 6e 8c 10 3f 91 c5 a0 a2 21 0d d1 c6 18 63 34 9a 91 b8 c0 40 6c a1 ed cc 7b ef 7e 1c ff e7 de fb e6 4d 3f a0 1f d4 e8 a2 17 5e de eb ed 9b f7 7e f7 7f ce f9 9f 3b 25 5a 1b 6b e3 bf 1d 8a 56 71 d4 cf f2 2e 36 34 ca 44 bb d8 11 15 07 71 cf 19 ff 71 ad 08 3f 3b 4b 13 4e bb 3f 74 27 1f cf 3a d4 38 71 68 5d eb 5f 03 3c 76 86 9f c7
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAalIDATxMlTURB@#D72qq;d0:WR&n?!c4@l{~M?^~;%ZkVq.64Dqq?;KN?t':8qh]_<v


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              17192.168.2.54976213.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC430OUTGET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:20 UTC543INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 2008
                                                                                              Connection: close
                                                                                              Last-Modified: Tue, 10 Oct 2023 17:24:26 GMT
                                                                                              ETag: 0x8DBC9B5C0C17219
                                                                                              x-ms-request-id: 99f39b71-d01e-004c-0354-ffaf18000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123120Z-165795675762h26c6ze2t4q7600000000cc000000000kf2a
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              X-Cache-Info: L1_T2
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:20 UTC2008INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 07 6d 49 44 41 54 78 01 ed 98 bf 6f 14 47 14 c7 df ec 9d 11 48 48 5c aa 94 de 74 74 18 45 a9 59 24 0a d2 24 54 91 a0 f1 39 44 24 45 24 ec 32 0d be 28 05 44 14 98 2a e9 7c 96 50 e4 26 32 11 2d 02 47 91 02 4d 64 a3 08 25 92 a5 70 fc 05 18 ff 38 df ed af 97 ef 77 76 66 bd 36 07 67 9b 58 69 18 69 34 b3 b3 bb b3 9f fb ce 7b 6f de 9c c8 bb f2 76 c5 c8 21 95 bf 66 35 4c 33 59 8a 33 6d e0 33 53 1f 7e 69 66 38 fe 74 56 c7 b2 54 1e 26 a9 34 f2 4c a6 3e fa ba 18 ff e3 96 36 7b 89 cc 6e f5 45 92 2c 9b f8 b8 55 6f 73
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAamIDATxoGHH\ttEY$$T9D$E$2(D*|P&2-GMd%p8wvf6gXii4{ov!f5L3Y3m3S~if8tVT&4L>6{nE,Uos


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              18192.168.2.54975813.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC433OUTGET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:20 UTC515INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1427
                                                                                              Connection: close
                                                                                              Last-Modified: Fri, 03 Nov 2023 21:43:36 GMT
                                                                                              ETag: 0x8DBDCB5EF021F8E
                                                                                              x-ms-request-id: 493a985f-801e-0076-6330-feecbb000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123120Z-16579567576phhfj0h0z9mnmag0000000c900000000097tn
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:20 UTC1427INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 28 49 44 41 54 78 01 ed 57 cd 6b 24 45 14 7f af 67 86 c4 5d cd 8e 9b 05 d1 3d ec e8 1f 20 5e 3d 28 eb 41 04 41 44 10 3c 66 d1 53 92 d3 42 40 72 da 11 84 5c b3 7f 80 24 39 48 40 d4 8b 17 2f b2 e2 1f a0 1e 25 a7 01 11 16 17 35 1f f3 d1 dd d5 55 cf 57 df d5 d3 eb 4e 5a f0 22 53 a1 52 9d 57 5d ef fd de ef 7d 74 05 60 39 96 63 39 96 e3 3f 1d 08 ff 62 1c 1f 1f df e6 e5 9e 52 ea 15 5e fb bc 02 11 99 a9 9f f5 e4 41 52 4a 74 7b df f3 7a 77 7b 7b fb 67 68 39 5a 03 3c 3a 3a da 40 c4 43 0f ea 1f 56 3d 34 38 e2 89
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAa(IDATxWk$Eg]= ^=(AAD<fSB@r\$9H@/%5UWNZ"SRW]}t`9c9?bR^ARJt{zw{{gh9Z<::@CV=48


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              19192.168.2.54976340.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:20 UTC446OUTPOST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 7642
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:20 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 6c 70 62 74 6e 70 6c 6f 73 62 6d 69 70 64 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 4d 5a 6b 6a 6a 79 38 4d 69 29 66 7a 47 6d 53 44 43 3d 3f 6f 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 76 6e 71 75 73 6b 66 70 70 70 63 69 76 63 3c 2f 4f 6c 64 4d
                                                                                              Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02lpbtnplosbmipd</Membername><Password>MZkjjy8Mi)fzGmSDC=?o</Password></Authentication><OldMembername>02vnquskfpppcivc</OldM
                                                                                              2024-09-05 12:31:22 UTC542INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: text/xml
                                                                                              Expires: Thu, 05 Sep 2024 12:30:20 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C542_SN1
                                                                                              x-ms-request-id: 4a2613c9-c952-472b-8acf-4ad297cb703f
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002F18A V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 17166
                                                                                              2024-09-05 12:31:22 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 38 30 30 46 34 45 41 44 43 46 45 38 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 37 31 36 65 63 32 38 36 2d 33 38 34 30 2d 34 34 35 35 2d 38 65 35 66 2d 62 30 30 64 33 39 31 64 30 66 36 65 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                              Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>0018800F4EADCFE8</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="716ec286-3840-4455-8e5f-b00d391d0f6e" LicenseID="3252b20c-d425-4711
                                                                                              2024-09-05 12:31:22 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                              Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              20192.168.2.54975740.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 3592
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:21 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:21 UTC568INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:21 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C555_BL2
                                                                                              x-ms-request-id: d34d8915-78e3-4a5c-955b-003b6ede9ad5
                                                                                              PPServer: PPV: 30 H: BL02EPF0001D7BC V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:20 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 1276
                                                                                              2024-09-05 12:31:21 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              21192.168.2.54976913.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC422OUTGET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:21 UTC536INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 2229
                                                                                              Connection: close
                                                                                              Last-Modified: Wed, 25 Oct 2023 19:48:24 GMT
                                                                                              ETag: 0x8DBD59359A9E77B
                                                                                              x-ms-request-id: 453f1ddb-801e-005f-6ffe-fa9af9000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123121Z-16579567576rhxz5kgqdm3tfq00000000cdg00000000fn2t
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 0
                                                                                              X-Cache-Info: L1_T2
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:21 UTC2229INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 08 4a 49 44 41 54 78 01 ed 98 6d 88 5c 57 19 c7 9f e7 dc 7b 37 89 49 9a dd 6c 5e d6 96 c0 c4 36 a1 d5 2f 49 a1 92 22 ea 06 ac a4 41 21 05 41 2a e8 ee 16 a4 82 e0 26 62 a5 b5 92 99 f1 8b 2f 68 b3 fd 92 16 ad 64 fb 29 16 62 53 6d 68 17 15 b2 a2 ed 07 b1 6c a8 95 d6 97 74 36 a9 35 69 d2 90 dd 6d bb 9b 99 7b ce 79 fc 3f e7 dc d9 8d 99 24 b3 2f f9 d8 03 77 9e 7b ce dc b9 e7 77 ff cf cb 39 77 88 3e 6c 4b 6b 4c 37 a8 f5 ee 1d 2b a5 44 25 c2 47 9a d2 f8 c8 8f b6 8f d3 0d 68 4b 06 dc f1 8d df f7 ae cc ba cb 6c a8
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaJIDATxm\W{7Il^6/I"A!A*&b/hd)bSmhlt65im{y?$/w{w9w>lKkL7+D%GhKl


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              22192.168.2.54977213.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC425OUTGET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:21 UTC543INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1154
                                                                                              Connection: close
                                                                                              Last-Modified: Wed, 25 Oct 2023 19:48:30 GMT
                                                                                              ETag: 0x8DBD5935D5B3965
                                                                                              x-ms-request-id: d980f417-701e-004a-5a07-ff5860000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123121Z-16579567576fh7f86y3uqsyhx00000000c5g00000000kzdx
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              X-Cache-Info: L1_T2
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:21 UTC1154INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 04 17 49 44 41 54 78 01 ed 97 cf 6f db 64 18 c7 bf 76 6a ea 34 69 e3 26 4b d4 b4 30 d2 f1 ab 4c 9a 96 c1 6e ed a1 30 0e 5c 10 4c b0 d3 0e ed 05 c1 05 35 3d ec 00 97 66 ff 41 72 43 02 a9 1a bb 70 03 c4 0d 6d 62 48 4c e2 f7 3a 0a 62 17 56 6b ab d6 aa cd 1a 37 4d 66 c7 89 fd ee 7d 9d 25 6b 1b 27 b1 1b 57 bd e4 23 39 f1 ef 7e fa 3c ef f3 bc 6f 80 1e 3d 8e 16 ce e9 8d c2 87 3f 24 4d 42 7e 04 88 04 2f e1 20 13 82 ac f9 e5 db 19 bb cb 3c 1c 62 10 73 d1 73 39 06 41 82 03 b7 80 d9 6f 6c df ed 38 82 13 5f 6f 10 b8
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaIDATxodvj4i&K0Ln0\L5=fArCpmbHL:bVk7Mf}%k'W#9~<o=?$MB~/ <bss9Aol8_o


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              23192.168.2.54977013.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC431OUTGET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:21 UTC522INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Content-Type: image/png
                                                                                              Content-Length: 1468
                                                                                              Connection: close
                                                                                              Last-Modified: Fri, 03 Nov 2023 21:43:14 GMT
                                                                                              ETag: 0x8DBDCB5E23DFC43
                                                                                              x-ms-request-id: f8a0931b-601e-0038-3afc-fe295e000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123121Z-16579567576gnfmq2acf56mm700000000cag000000005rpq
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:21 UTC1468INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 28 08 06 00 00 00 8c fe b8 6d 00 00 00 09 70 48 59 73 00 00 16 25 00 00 16 25 01 49 52 24 f0 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 05 51 49 44 41 54 78 01 ed 97 4b 6c 54 55 18 c7 ff e7 4e 19 62 da e0 b0 a1 01 03 5c 82 51 7c 52 16 1a 6d 6b 42 57 c4 c7 c2 2e 8c 26 24 46 62 44 17 26 b4 04 62 5c a0 ad 1a 63 dc c8 82 85 89 26 b4 09 68 89 1a a7 18 79 24 1a c6 05 75 41 02 17 19 23 46 03 13 10 4a 35 c8 50 fa 9a b9 f7 9c cf ef 3c ee 74 a6 96 76 da a6 2b e6 4b 4f ef cc b9 e7 9e ef 77 ff df e3 de 01 6a 56 b3 9a d5 ec ce 36 81 45 b6 cd 67 28 85 89 89 14 22 f8 20 e9 4b 0f 29 41 22 25 3c ac 85 42 8a a4 f2 a9 a8 52 8d e1 c5 d4 d5 70 75 3e 49 de a6
                                                                                              Data Ascii: PNGIHDR((mpHYs%%IR$sRGBgAMAaQIDATxKlTUNb\Q|RmkBW.&$FbD&b\c&hy$uA#FJ5P<tv+KOwjV6Eg(" K)A"%<BRpu>I


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              24192.168.2.54976813.107.246.404437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC478OUTGET /assets/product_category_en/1.0.0/asset?assetgroup=ProductCategories HTTP/1.1
                                                                                              Host: edgeassetservice.azureedge.net
                                                                                              Connection: keep-alive
                                                                                              Edge-Asset-Group: ProductCategories
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:21 UTC538INHTTP/1.1 200 OK
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Content-Type: application/octet-stream
                                                                                              Content-Length: 82989
                                                                                              Connection: close
                                                                                              Last-Modified: Thu, 25 May 2023 20:28:02 GMT
                                                                                              ETag: 0x8DB5D5E89CE25EB
                                                                                              x-ms-request-id: 6fdf05a2-e01e-000b-5f3a-ff7073000000
                                                                                              x-ms-version: 2009-09-19
                                                                                              x-ms-lease-status: unlocked
                                                                                              x-ms-blob-type: BlockBlob
                                                                                              x-azure-ref: 20240905T123121Z-16579567576w5bqfyu10zdac7g0000000c4000000000e2hp
                                                                                              Cache-Control: public, max-age=604800
                                                                                              x-fd-int-roxy-purgeid: 69316365
                                                                                              X-Cache: TCP_HIT
                                                                                              Accept-Ranges: bytes
                                                                                              2024-09-05 12:31:21 UTC15846INData Raw: 0a 22 08 f2 33 12 1d 0a 0c 43 61 72 20 26 20 47 61 72 61 67 65 12 0d 42 65 6c 74 73 20 26 20 48 6f 73 65 73 0a 23 08 d7 2b 12 1e 0a 11 53 70 6f 72 74 73 20 26 20 4f 75 74 64 6f 6f 72 73 12 09 41 69 72 20 50 75 6d 70 73 0a 21 08 b8 22 12 1c 0a 0c 43 61 72 20 26 20 47 61 72 61 67 65 12 0c 42 6f 64 79 20 53 74 79 6c 69 6e 67 0a 34 08 c3 35 12 2f 0a 18 47 6f 75 72 6d 65 74 20 46 6f 6f 64 20 26 20 43 68 6f 63 6f 6c 61 74 65 12 13 53 70 69 63 65 73 20 26 20 53 65 61 73 6f 6e 69 6e 67 73 0a 27 08 a4 2c 12 22 0a 11 53 70 6f 72 74 73 20 26 20 4f 75 74 64 6f 6f 72 73 12 0d 53 6c 65 65 70 69 6e 67 20 47 65 61 72 0a 21 08 f5 36 12 1c 0a 0d 4c 61 77 6e 20 26 20 47 61 72 64 65 6e 12 0b 48 79 64 72 6f 70 6f 6e 69 63 73 0a 39 08 61 12 35 0a 11 42 6f 6f 6b 73 20 26 20 4d
                                                                                              Data Ascii: "3Car & GarageBelts & Hoses#+Sports & OutdoorsAir Pumps!"Car & GarageBody Styling45/Gourmet Food & ChocolateSpices & Seasonings',"Sports & OutdoorsSleeping Gear!6Lawn & GardenHydroponics9a5Books & M
                                                                                              2024-09-05 12:31:21 UTC16384INData Raw: 53 79 73 74 65 6d 20 41 63 63 65 73 73 6f 72 69 65 73 0a 20 08 a2 26 12 1b 0a 10 54 6f 6f 6c 73 20 26 20 48 61 72 64 77 61 72 65 12 07 54 6f 69 6c 65 74 73 0a 2c 08 f3 28 12 27 0a 14 4b 69 74 63 68 65 6e 20 26 20 48 6f 75 73 65 77 61 72 65 73 12 0f 45 6c 65 63 74 72 69 63 20 4d 69 78 65 72 73 0a 21 08 c0 32 12 1c 0a 04 54 6f 79 73 12 14 53 61 6e 64 62 6f 78 20 26 20 42 65 61 63 68 20 54 6f 79 73 0a 35 08 a5 25 12 30 0a 18 47 6f 75 72 6d 65 74 20 46 6f 6f 64 20 26 20 43 68 6f 63 6f 6c 61 74 65 12 14 53 65 61 66 6f 6f 64 20 43 6f 6d 62 69 6e 61 74 69 6f 6e 73 0a 24 08 d7 27 12 1f 0a 10 48 6f 6d 65 20 46 75 72 6e 69 73 68 69 6e 67 73 12 0b 43 61 6b 65 20 53 74 61 6e 64 73 0a 2e 08 a4 28 12 29 0a 14 4b 69 74 63 68 65 6e 20 26 20 48 6f 75 73 65 77 61 72 65 73
                                                                                              Data Ascii: System Accessories &Tools & HardwareToilets,('Kitchen & HousewaresElectric Mixers!2ToysSandbox & Beach Toys5%0Gourmet Food & ChocolateSeafood Combinations$'Home FurnishingsCake Stands.()Kitchen & Housewares
                                                                                              2024-09-05 12:31:21 UTC16384INData Raw: 47 61 72 61 67 65 20 46 6c 6f 6f 72 20 43 61 72 65 0a 25 08 f0 2a 12 20 0a 0f 4f 66 66 69 63 65 20 50 72 6f 64 75 63 74 73 12 0d 50 61 70 65 72 20 50 75 6e 63 68 65 73 0a 2d 08 c1 2c 12 28 0a 11 53 70 6f 72 74 73 20 26 20 4f 75 74 64 6f 6f 72 73 12 13 42 69 63 79 63 6c 65 20 41 63 63 65 73 73 6f 72 69 65 73 0a 22 08 a2 27 12 1d 0a 10 48 6f 6d 65 20 46 75 72 6e 69 73 68 69 6e 67 73 12 09 4e 6f 76 65 6c 74 69 65 73 0a 16 08 f3 29 12 11 0a 05 4d 75 73 69 63 12 08 45 78 65 72 63 69 73 65 0a 22 08 8e 31 12 1d 0a 11 53 70 6f 72 74 73 20 26 20 4f 75 74 64 6f 6f 72 73 12 08 53 77 69 6d 6d 69 6e 67 0a 26 08 d4 21 12 21 0a 12 42 65 61 75 74 79 20 26 20 46 72 61 67 72 61 6e 63 65 12 0b 4d 61 6b 65 75 70 20 4b 69 74 73 0a 3c 08 a5 2a 12 37 0a 13 4d 75 73 69 63 61 6c
                                                                                              Data Ascii: Garage Floor Care%* Office ProductsPaper Punches-,(Sports & OutdoorsBicycle Accessories"'Home FurnishingsNovelties)MusicExercise"1Sports & OutdoorsSwimming&!!Beauty & FragranceMakeup Kits<*7Musical
                                                                                              2024-09-05 12:31:21 UTC16384INData Raw: 6e 20 26 20 47 61 72 64 65 6e 12 05 42 75 6c 62 73 0a 21 08 a3 21 12 1c 0a 12 42 65 61 75 74 79 20 26 20 46 72 61 67 72 61 6e 63 65 12 06 4d 61 6b 65 75 70 0a 2d 08 49 12 29 0a 11 42 6f 6f 6b 73 20 26 20 4d 61 67 61 7a 69 6e 65 73 12 14 42 75 73 69 6e 65 73 73 20 26 20 45 63 6f 6e 6f 6d 69 63 73 0a 23 08 d5 23 12 1e 0a 09 43 6f 6d 70 75 74 69 6e 67 12 11 45 78 70 61 6e 73 69 6f 6e 20 4d 6f 64 75 6c 65 73 0a 2f 08 a2 24 12 2a 0a 0b 45 6c 65 63 74 72 6f 6e 69 63 73 12 1b 43 44 20 50 6c 61 79 65 72 73 20 26 20 53 74 65 72 65 6f 20 53 79 73 74 65 6d 73 0a 1f 08 d4 26 12 1a 0a 10 48 6f 6d 65 20 46 75 72 6e 69 73 68 69 6e 67 73 12 06 51 75 69 6c 74 73 0a 22 08 86 23 12 1d 0a 10 43 6c 6f 74 68 69 6e 67 20 26 20 53 68 6f 65 73 12 09 55 6e 64 65 72 77 65 61 72 0a
                                                                                              Data Ascii: n & GardenBulbs!!Beauty & FragranceMakeup-I)Books & MagazinesBusiness & Economics##ComputingExpansion Modules/$*ElectronicsCD Players & Stereo Systems&Home FurnishingsQuilts"#Clothing & ShoesUnderwear
                                                                                              2024-09-05 12:31:21 UTC16384INData Raw: 4f 75 74 64 6f 6f 72 73 12 0d 53 6c 65 65 70 69 6e 67 20 42 61 67 73 0a 24 08 bd 21 12 1f 0a 12 42 65 61 75 74 79 20 26 20 46 72 61 67 72 61 6e 63 65 12 09 46 72 61 67 72 61 6e 63 65 0a 28 08 63 12 24 0a 11 42 6f 6f 6b 73 20 26 20 4d 61 67 61 7a 69 6e 65 73 12 0f 4d 75 73 69 63 20 4d 61 67 61 7a 69 6e 65 73 0a 1e 08 8a 2b 12 19 0a 0f 4f 66 66 69 63 65 20 50 72 6f 64 75 63 74 73 12 06 52 75 6c 65 72 73 0a 2d 08 a9 33 12 28 0a 09 43 6f 6d 70 75 74 69 6e 67 12 1b 50 72 69 6e 74 65 72 20 50 61 72 74 73 20 26 20 41 74 74 61 63 68 6d 65 6e 74 73 0a 27 08 ef 23 12 22 0a 09 43 6f 6d 70 75 74 69 6e 67 12 15 54 68 69 6e 20 43 6c 69 65 6e 74 20 43 6f 6d 70 75 74 65 72 73 0a 37 08 bc 24 12 32 0a 0b 45 6c 65 63 74 72 6f 6e 69 63 73 12 23 49 6e 73 74 61 6c 6c 61 74 69
                                                                                              Data Ascii: OutdoorsSleeping Bags$!Beauty & FragranceFragrance(c$Books & MagazinesMusic Magazines+Office ProductsRulers-3(ComputingPrinter Parts & Attachments'#"ComputingThin Client Computers7$2Electronics#Installati
                                                                                              2024-09-05 12:31:21 UTC1607INData Raw: 43 61 72 20 26 20 47 61 72 61 67 65 12 1f 53 6e 6f 77 6d 6f 62 69 6c 65 20 26 20 41 54 56 20 53 6b 69 73 20 26 20 52 75 6e 6e 65 72 73 0a 23 08 a2 21 12 1e 0a 12 42 65 61 75 74 79 20 26 20 46 72 61 67 72 61 6e 63 65 12 08 54 77 65 65 7a 65 72 73 0a 30 08 8e 33 12 2b 0a 0c 50 65 74 20 53 75 70 70 6c 69 65 73 12 1b 50 65 74 20 48 61 62 69 74 61 74 20 26 20 43 61 67 65 20 53 75 70 70 6c 69 65 73 0a 29 08 d4 23 12 24 0a 09 43 6f 6d 70 75 74 69 6e 67 12 17 44 69 67 69 74 61 6c 20 4d 65 64 69 61 20 52 65 63 65 69 76 65 72 73 0a 2a 08 f3 2b 12 25 0a 11 53 70 6f 72 74 73 20 26 20 4f 75 74 64 6f 6f 72 73 12 10 42 6f 61 74 20 4d 61 69 6e 74 65 6e 61 6e 63 65 0a 22 08 d7 26 12 1d 0a 10 48 6f 6d 65 20 46 75 72 6e 69 73 68 69 6e 67 73 12 09 46 75 72 6e 69 74 75 72 65
                                                                                              Data Ascii: Car & GarageSnowmobile & ATV Skis & Runners#!Beauty & FragranceTweezers03+Pet SuppliesPet Habitat & Cage Supplies)#$ComputingDigital Media Receivers*+%Sports & OutdoorsBoat Maintenance"&Home FurnishingsFurniture


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              25192.168.2.549773152.195.19.974437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:21 UTC614OUTGET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1726144273&P2=404&P3=2&P4=gRzw0TlO28v3xn3M7ZJhhK0eBAMU0JhFJIg7WN8JZ5MTymrQli7NI%2bsdHZx608dhOnKfPCyJKrT9LBIEthiwCg%3d%3d HTTP/1.1
                                                                                              Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                              Connection: keep-alive
                                                                                              MS-CV: 3Al34tMPCy06pq6FBnsh7y
                                                                                              Sec-Fetch-Site: none
                                                                                              Sec-Fetch-Mode: no-cors
                                                                                              Sec-Fetch-Dest: empty
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:31:22 UTC632INHTTP/1.1 200 OK
                                                                                              Accept-Ranges: bytes
                                                                                              Age: 5466012
                                                                                              Cache-Control: public, max-age=17280000
                                                                                              Content-Type: application/x-chrome-extension
                                                                                              Date: Thu, 05 Sep 2024 12:31:21 GMT
                                                                                              Etag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                                                              Last-Modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                                                              MS-CorrelationId: b4b4aabf-4d02-4629-96b1-a382405b6a31
                                                                                              MS-CV: 642I+iNy0Qp5KFcIV/sUKh.0
                                                                                              MS-RequestId: 5245ac9e-0afd-43ce-8780-5c7d0bedf1d4
                                                                                              Server: ECAcc (nyd/D11E)
                                                                                              X-AspNet-Version: 4.0.30319
                                                                                              X-AspNetMvc-Version: 5.3
                                                                                              X-Cache: HIT
                                                                                              X-CCC: US
                                                                                              X-CID: 11
                                                                                              X-Powered-By: ASP.NET
                                                                                              X-Powered-By: ARR/3.0
                                                                                              X-Powered-By: ASP.NET
                                                                                              Content-Length: 11185
                                                                                              Connection: close
                                                                                              2024-09-05 12:31:22 UTC11185INData Raw: 43 72 32 34 03 00 00 00 1d 05 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bb 4e a9 d8 c8 e8 cb ac 89 0d 45 23 09 ef 07 9e ab ed 9a 39 65 ef 75 ea 71 bc a5 c4 56 59 59 ef 8c 08 40 04 2b ed 43 d0 dc 6b a7 4f 88 b9 62 4b d3 60 94 de 36 ee 47 92 ab 25 8a 1e cc 0d fa 33 5a 12 19 8e 65 20 5f fd 36 15 d6 13 1e 46 ae 8b 31 70 18 f1 a8 4b 1d 5a ff de 0e 83 8e 11 b2 2f 20 ed 33 88 cb fb 4f 54 94 9e 60 00 d3 bc 30 ab c0 d7 59 8b b0 96 46 54 fc f0 34 33 1c 74 68 d6 79 f9 0c 8c 7d 8a 91 98 ca 70 c6 4c 0f 1b c8 32 53 b9 26 69 cc 60 09 8d 6f ec f9 a6 66 8d 6f 48 81 0e 05 8a f1 97 4e b8 c3 94 3a b3 f7 69 6a 54 89 33 da 9e 46 7b d1 30 bb 2c cc 66 3f 27 66 e3 43 51 74 3b 62 5f 22 50 63 08 e5 20
                                                                                              Data Ascii: Cr240"0*H0NE#9euqVYY@+CkObK`6G%3Ze _6F1pKZ/ 3OT`0YFT43thy}pL2S&i`ofoHN:ijT3F{0,f?'fCQt;b_"Pc


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              26192.168.2.54977520.114.59.183443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:22 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: */*
                                                                                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                              Host: slscr.update.microsoft.com
                                                                                              2024-09-05 12:31:23 UTC560INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/octet-stream
                                                                                              Expires: -1
                                                                                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                              ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                              MS-CorrelationId: 23397f24-16ff-4486-a51f-177981846724
                                                                                              MS-RequestId: dac64d39-aa76-4cee-8155-91b3be8661bb
                                                                                              MS-CV: 2tqYVCNtLECPaYW2.0
                                                                                              X-Microsoft-SLSClientCache: 2880
                                                                                              Content-Disposition: attachment; filename=environment.cab
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Date: Thu, 05 Sep 2024 12:31:22 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 24490
                                                                                              2024-09-05 12:31:23 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                              Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                              2024-09-05 12:31:23 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                              Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              27192.168.2.54978040.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:23 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 3592
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:23 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:24 UTC569INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:23 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C527_SN1
                                                                                              x-ms-request-id: 59a32bb4-e761-4d8a-a2b1-8cca72bed6c4
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002FA2C V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:23 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 11389
                                                                                              2024-09-05 12:31:24 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              28192.168.2.54978240.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:25 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 3592
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:25 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:25 UTC569INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:25 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C527_SN1
                                                                                              x-ms-request-id: 14f151f7-8d3a-4be0-bf56-8f7b519f48d2
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002F134 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:24 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 11389
                                                                                              2024-09-05 12:31:25 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              29192.168.2.54978340.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:26 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 4775
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:26 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:27 UTC568INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:26 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C555_SN1
                                                                                              x-ms-request-id: 81f5ca3e-e72f-4640-8135-407972b3b2a6
                                                                                              PPServer: PPV: 30 H: SN1PEPF0003FB37 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:26 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 1918
                                                                                              2024-09-05 12:31:27 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              30192.168.2.54978540.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:28 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 4775
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:28 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:28 UTC569INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:28 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C527_SN1
                                                                                              x-ms-request-id: 94c804c8-6934-46ff-8e63-c35e8728a0ab
                                                                                              PPServer: PPV: 30 H: SN1PEPF0003F953 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:28 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 11409
                                                                                              2024-09-05 12:31:28 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              31192.168.2.54978440.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:28 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 4775
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:28 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:28 UTC568INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:28 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C555_SN1
                                                                                              x-ms-request-id: 459955de-738a-4d96-ba83-ada8e648eeb7
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002FA24 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:28 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 1918
                                                                                              2024-09-05 12:31:28 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              32192.168.2.54978640.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:29 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 4775
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:29 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:30 UTC569INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:29 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C527_SN1
                                                                                              x-ms-request-id: c9f29be6-610b-4476-8d83-5211b2b4b6ca
                                                                                              PPServer: PPV: 30 H: SN1PEPF0002F1B5 V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:29 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 11409
                                                                                              2024-09-05 12:31:30 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              33192.168.2.54978740.126.31.69443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:31:31 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                              Connection: Keep-Alive
                                                                                              Content-Type: application/soap+xml
                                                                                              Accept: */*
                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                              Content-Length: 4775
                                                                                              Host: login.live.com
                                                                                              2024-09-05 12:31:31 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                              2024-09-05 12:31:31 UTC569INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-store, no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/soap+xml; charset=utf-8
                                                                                              Expires: Thu, 05 Sep 2024 12:30:31 GMT
                                                                                              P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                                                              x-ms-route-info: C527_BL2
                                                                                              x-ms-request-id: bc621294-aea8-4588-ade9-28a10f1f47d9
                                                                                              PPServer: PPV: 30 H: BL02EPF0002791B V: 0
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                              X-XSS-Protection: 1; mode=block
                                                                                              Date: Thu, 05 Sep 2024 12:31:30 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 11409
                                                                                              2024-09-05 12:31:31 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              34192.168.2.54979920.114.59.183443
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:32:00 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=hdKrGKVxsOrhn2G&MD=bUKt+RBK HTTP/1.1
                                                                                              Connection: Keep-Alive
                                                                                              Accept: */*
                                                                                              User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                              Host: slscr.update.microsoft.com
                                                                                              2024-09-05 12:32:01 UTC560INHTTP/1.1 200 OK
                                                                                              Cache-Control: no-cache
                                                                                              Pragma: no-cache
                                                                                              Content-Type: application/octet-stream
                                                                                              Expires: -1
                                                                                              Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                              ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                              MS-CorrelationId: 4c6babf3-87ec-4416-a03a-b92adce94d79
                                                                                              MS-RequestId: c93bf00b-d30d-470d-b6f3-8f926758929a
                                                                                              MS-CV: tK1D6Pw6LEqyKL7q.0
                                                                                              X-Microsoft-SLSClientCache: 1440
                                                                                              Content-Disposition: attachment; filename=environment.cab
                                                                                              X-Content-Type-Options: nosniff
                                                                                              Date: Thu, 05 Sep 2024 12:31:59 GMT
                                                                                              Connection: close
                                                                                              Content-Length: 30005
                                                                                              2024-09-05 12:32:01 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                              Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                              2024-09-05 12:32:01 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                              Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                              35192.168.2.54980623.55.235.1704437188C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              TimestampBytes transferredDirectionData
                                                                                              2024-09-05 12:33:13 UTC442OUTOPTIONS /api/report?cat=bingbusiness HTTP/1.1
                                                                                              Host: bzib.nelreports.net
                                                                                              Connection: keep-alive
                                                                                              Origin: https://business.bing.com
                                                                                              Access-Control-Request-Method: POST
                                                                                              Access-Control-Request-Headers: content-type
                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                              2024-09-05 12:33:13 UTC330INHTTP/1.1 429 Too Many Requests
                                                                                              Content-Length: 0
                                                                                              Date: Thu, 05 Sep 2024 12:33:13 GMT
                                                                                              Connection: close
                                                                                              PMUSER_FORMAT_QS:
                                                                                              X-CDN-TraceId: 0.a6eb3717.1725539593.2b43c1
                                                                                              Access-Control-Allow-Credentials: false
                                                                                              Access-Control-Allow-Methods: *
                                                                                              Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                              Access-Control-Allow-Origin: *


                                                                                              Statistics

                                                                                              CPU Usage

                                                                                              Click to jump to process

                                                                                              Memory Usage

                                                                                              Click to jump to process

                                                                                              High Level Behavior Distribution

                                                                                              Click to dive into process behavior distribution

                                                                                              Behavior

                                                                                              Click to jump to process

                                                                                              System Behavior

                                                                                              General

                                                                                              Target ID:0
                                                                                              Start time:08:31:05
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Users\user\Desktop\file.exe
                                                                                              Wow64 process (32bit):true
                                                                                              Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                              Imagebase:0xb80000
                                                                                              File size:917'504 bytes
                                                                                              MD5 hash:9174E680D1B0EA8CDB3EE932EC2DFC6F
                                                                                              Has elevated privileges:true
                                                                                              Has administrator privileges:true
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:low
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:1
                                                                                              Start time:08:31:06
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:true
                                                                                              Has administrator privileges:true
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:3
                                                                                              Start time:08:31:06
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
                                                                                              Imagebase:0x7ff79f9e0000
                                                                                              File size:676'768 bytes
                                                                                              MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                              Has elevated privileges:true
                                                                                              Has administrator privileges:true
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:high
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:4
                                                                                              Start time:08:31:06
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd --attempting-deelevation
                                                                                              Imagebase:0x7ff79f9e0000
                                                                                              File size:676'768 bytes
                                                                                              MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:high
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:5
                                                                                              Start time:08:31:06
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
                                                                                              Imagebase:0x7ff79f9e0000
                                                                                              File size:676'768 bytes
                                                                                              MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:high
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:7
                                                                                              Start time:08:31:07
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=2056,i,6247163367441240488,2576398707470590896,262144 /prefetch:3
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:true
                                                                                              Has administrator privileges:true
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:8
                                                                                              Start time:08:31:08
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://accounts.google.com/v3/signin/challenge/pwd
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:9
                                                                                              Start time:08:31:08
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2688 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:3
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:11
                                                                                              Start time:08:31:11
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2248 -parentBuildID 20230927232528 -prefsHandle 2196 -prefMapHandle 2188 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccf95cfb-f749-4af2-904e-7994877402df} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2408cb6db10 socket
                                                                                              Imagebase:0x7ff79f9e0000
                                                                                              File size:676'768 bytes
                                                                                              MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:high
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:12
                                                                                              Start time:08:31:12
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6532 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:13
                                                                                              Start time:08:31:12
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6736 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:moderate
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:18
                                                                                              Start time:08:31:15
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4456 -parentBuildID 20230927232528 -prefsHandle 4340 -prefMapHandle 4336 -prefsLen 26273 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f8d3111-a88f-4b01-91e4-af2e9be1c464} 1816 "\\.\pipe\gecko-crash-server-pipe.1816" 2409f819410 rdd
                                                                                              Imagebase:0x7ff79f9e0000
                                                                                              File size:676'768 bytes
                                                                                              MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Reputation:high
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:19
                                                                                              Start time:08:31:16
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=8500 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Has exited:false

                                                                                              General

                                                                                              Target ID:20
                                                                                              Start time:08:31:17
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=8648 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:21
                                                                                              Start time:08:31:18
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=price_comparison_service.mojom.DataProcessor --lang=en-GB --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=8496 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Has exited:true

                                                                                              General

                                                                                              Target ID:24
                                                                                              Start time:08:32:08
                                                                                              Start date:05/09/2024
                                                                                              Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              Wow64 process (32bit):false
                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=8780 --field-trial-handle=2732,i,2053604425234520121,15701562997204502456,262144 /prefetch:8
                                                                                              Imagebase:0x7ff6c1cf0000
                                                                                              File size:4'210'216 bytes
                                                                                              MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                              Has elevated privileges:false
                                                                                              Has administrator privileges:false
                                                                                              Programmed in:C, C++ or other language
                                                                                              Has exited:false

                                                                                              Disassembly

                                                                                              Reset < >