Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1609456
MD5:d1bf8e67a6a73aded20586aab5f29510
SHA1:a83f4fa3510333fe0223fa49df40275f6bcffb88
SHA256:f8537e5844cce90e065d476053c9d8dcd8a8369102975ae3cdfd74d4644bb105
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:84
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Excessive usage of taskkill to terminate processes
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Machine Learning detection for sample
Connects to many different domains
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 7632 cmdline: "C:\Users\user\Desktop\random.exe" MD5: D1BF8E67A6A73ADED20586AAB5F29510)
    • taskkill.exe (PID: 7696 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7704 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7780 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7788 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7840 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7848 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7900 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7908 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7964 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7972 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 8024 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • taskkill.exe (PID: 5316 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6684 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 2136 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6524 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 5308 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 5448 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1912 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6060 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7696 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7728 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 3348 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • taskkill.exe (PID: 8180 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7584 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 8132 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 8152 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7304 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7372 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6044 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6728 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1872 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7484 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 7708 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 8068 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 8084 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6728 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7549311c-e0e7-4a01-aa93-591359495f37} 8084 "\\.\pipe\gecko-crash-server-pipe.8084" 23f44a6eb10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 3632 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 2052 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7648 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2308 -parentBuildID 20230927232528 -prefsHandle 2252 -prefMapHandle 2236 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2597704f-3549-4520-87b8-69786454f492} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2f52f16f510 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 5308 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 5448 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1948 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2276 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3665753-fa1f-4a96-aa92-02db64cd4d7c} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e09296d710 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 4904 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2660 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1356 -prefMapHandle 2712 -prefsLen 32327 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a077616c-92d4-4020-bf3e-bb2a9ef83594} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e0a9ee7710 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 7632JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 30%Perma Link
    Source: random.exeReversingLabs: Detection: 28%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 97.8% probability
    Machine Learning detection for sample
    Source: random.exeJoe Sandbox ML: detected
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53049 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.9:53067 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.9:53074 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53115 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53121 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53120 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53126 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.9:53127 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.9:53128 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53132 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53133 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53131 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.9:53134 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53138 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53139 version: TLS 1.2
    Source: Binary string: The name of the library's debug file. For example, 'xul.pdb source: firefox.exe, 0000001E.00000002.1620718756.000002F53F521000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: "description": "The name of the library's debug file. For example, 'xul.pdb" source: firefox.exe, 0000001E.00000002.1620718756.000002F53F533000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621463932.000002F53F70E000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: Whether the suggest result can be deleted by the user.An object encapsulating one result of a history query.The id of the tab for which you want to modify the page action.Information sent when a context menu item is clicked.The details of the tab where the menu was opened.Gets the html document set as the popup for this page action.Gathers the profile data from the current profiling session.The algorithm used to hash the extension XPI file.Opens the extension page action in the active window.The maximum number of results to retrieve. Defaults to 100.Whether to also include default menu items in the menu.The number of times the user has navigated to this page.An integer value of button by which menu item was clicked.An integer value of button by which menu item was clicked.The id of the tab for which you want to modify the page action.Specifies a command to issue for the context click.The version of the extension installed by the study.The record ID for the extension in Normandy server's database.Marks the study as ended and then uninstalls the addon.Removes all occurrences of the given URL from the history.Fired when the title of a URL is changed in the browser history.The id of the tab for which you want to modify the page action.A list of thread names for which to capture profiles.Stops the profiler and discards any captured profile data.The name of the file inside the profile/profiler directoryThe id of the tab for which you want to modify the page action.The type of menu item. Defaults to 'normal' if not specified.The id of the tab for which you want to modify the page action.The name of the library's debug file. For example, 'xul.pdbRequired when context is 'tab'. Requires 'tabs' permission.The style ranges for the description, as provided by ToValue().Removes all context menu items added by this extension.A partial SuggestResult object, without the 'content' parameter.Search engine to use. Uses the default if not specified.Use the chrome.search API to search via the default provider.The key which corresponds to the value being set.Include sites that the user has pinned on the Firefox new tab.GET parameters to the search_url as a query string.The id of the tab whose value is being retrieved from.POST parameters to the search_url as a query string.Location where search results should be displayed.String to query with the default search provider.User has accepted what is typed into the omnibox.checks whether a PKCS#11 module, given by name, is installedThe id of the tab that the key/value pair is being set on.Retrieve a value that was set for a given key on a given window.Retrieve a value that was set for a given key on a given tab.The id of the tab whose key/value pair is being removed.Remove a key/value pair that was set on a given window.The name of the alarm to clear. Defaults to the empty string.Gets the list of recently closed tabs and/or windows.The style ranges for the description, as provided by ToValue().The key which corresponds to
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0045DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0042C2A2 FindFirstFileExW,0_2_0042C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004668EE FindFirstFileW,FindClose,0_2_004668EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0046698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0045D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0045D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00469642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00469642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0046979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00469B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00469B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00465C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00465C97
    Source: firefox.exeMemory has grown: Private usage: 0MB later: 44MB
    Source: unknownNetwork traffic detected: DNS query count 34
    Source: global trafficTCP traffic: 192.168.2.9:53045 -> 162.159.36.2:53
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 151.101.129.91 151.101.129.91
    Source: Joe Sandbox ViewIP Address: 34.49.51.44 34.49.51.44
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_0046CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKLast-Modified: Fri, 08 Nov 2024 02:52:28 GMTETag: 85430baed3398695717b0263807cf97cContent-Length: 453023Accept-Ranges: bytesX-Timestamp: 1731034347.00215Content-Type: application/zipX-Trans-Id: txae98f05a963b495faffd8-00672e4c83dfw1Cache-Control: public, max-age=84277Expires: Sat, 08 Feb 2025 16:18:05 GMTDate: Fri, 07 Feb 2025 16:53:28 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 bd Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://trends.google.com/trends/embed*toolkit.telemetry.send.overrideOfficialChecktoolkit.telemetry.overrideUpdateChannel*://*.adsafeprotected.com/jload?**://ads.stickyadstv.com/auto-user-sync**://www.facebook.com/platform/impression.php*color-mix(in srgb, currentColor 9%, transparent)toolkit.telemetry.shutdownPingSender.enabled*://pubads.g.doubleclick.net/gampad/*ad-blk**://pubads.g.doubleclick.net/gampad/*xml_vmap1**://securepubads.g.doubleclick.net/gampad/*ad*toolkit.telemetry.untrustedModulesPing.frequency*://pubads.g.doubleclick.net/gampad/*ad**://vast.adsafeprotected.com/vast*toolkit.telemetry.testing.disableFuzzingDelay equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000002E.00000003.1841659032.000001E0A1D65000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php**://trends.google.com/trends/embed*--autocomplete-popup-separator-color*://pubads.g.doubleclick.net/gampad/*xml_vmap2*resource://gre/modules/AddonManager.sys.mjs equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.gstatic.com/firebasejs/*/firebase-messaging.js*color-mix(in srgb, currentColor 25%, transparent)*://id.rambler.ru/rambler-id-helper/auth_events.jsC:\Program Files\Mozilla Firefox\browser\featurescolor-mix(in srgb, currentColor 14%, transparent)linear-gradient(90deg, #9059FF 0%, #FF4AA2 52.08%, #FFBD4F 100%)resource://gre/modules/TelemetryScheduler.sys.mjs equals www.rambler.ru (Rambler)
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: @mozilla.org/addons/addon-manager-startup;1@mozilla.org/network/safe-file-output-stream;1webcompat-reporter@mozilla.org.xpi*://connect.facebook.net/*/all.js*resource://gre/modules/FileUtils.sys.mjs*://auth.9c9media.ca/auth/main.js*://static.chartbeat.com/js/chartbeat_video.js*://*.imgur.com/js/vendor.*.bundle.jsFileUtils_closeAtomicFileOutputStream*://*.imgur.io/js/vendor.*.bundle.js*://www.rva311.com/static/js/main.*.chunk.js*://web-assets.toggl.com/app/assets/scripts/*.js*://static.criteo.net/js/ld/publishertag.js@mozilla.org/network/file-output-stream;1*://www.everestjs.net/static/st.v3.js**://libs.coremetrics.com/eluminate.jsFileUtils_openAtomicFileOutputStreamresource://gre/modules/addons/XPIProvider.jsmwebcompat-reporter%40mozilla.org:1.5.1FileUtils_openSafeFileOutputStream@mozilla.org/network/atomic-file-output-stream;1https://smartblock.firefox.etp/play.svghttps://smartblock.firefox.etp/facebook.svg*://track.adform.net/serving/scripts/trackpoint/*://www.googletagmanager.com/gtm.js**://pagead2.googlesyndication.com/tag/js/gpt.js**://www.google-analytics.com/gtm/js**://www.google-analytics.com/plugins/ua/ec.js*://cdn.adsafeprotected.com/iasPET.1.js*://static.adsafeprotected.com/iasPET.1.js*://ssl.google-analytics.com/ga.js*://*.moatads.com/*/moatheader.js**://s0.2mdn.net/instream/html5/ima3.js*://www.googletagservices.com/tag/js/gpt.js**://adservex.media.net/videoAds.js**://imasdk.googleapis.com/js/sdkloader/ima3.js*://cdn.optimizely.com/public/*.js*://*.vidible.tv/*/vidible-min.js**://s.webtrends.com/js/advancedLinkTracking.js*://www.google-analytics.com/analytics.js**://js.maxmind.com/js/apis/geoip2/*/geoip2.js*://s.webtrends.com/js/webtrends.js*://s.webtrends.com/js/webtrends.min.jscolor-mix(in srgb, currentColor 9%, transparent) equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: @mozilla.org/network/protocol;1?name=default{9e9a9283-0ce9-4e4a-8f1c-ba129a032c32}resource://devtools/shared/security/socket.js@mozilla.org/network/protocol;1?name=fileJSON Viewer's onSave failed in startPersistenceUnable to start devtools server on No callback set for this channel.releaseDistinctSystemPrincipalLoader@mozilla.org/uriloader/handler-service;1^([a-z+.-]+:\/{0,3})*([^\/@]+@).+^[a-z0-9-]+(\.[a-z0-9-]+)*:[0-9]{1,5}([/?#]|$)^([a-z][a-z0-9.+\t-]*)(:|;)?(\/\/)?browser.fixup.domainsuffixwhitelist.DevToolsStartup.jsm:handleDebuggerFlagget FIXUP_FLAG_ALLOW_KEYWORD_LOOKUPget FIXUP_FLAGS_MAKE_ALTERNATE_URIWebChannel/this._originCheckCallbackdevtools.performance.popup.feature-flagbrowser.fixup.dns_first_for_single_wordsbrowser.urlbar.dnsResolveFullyQualifiedNamesdevtools.performance.recording.ui-base-urlGot invalid request to save JSON data^(?<url>\w+:.+):(?<line>\d+):(?<column>\d+)$resource://devtools/server/devtools-server.jsDevTools telemetry entry point failed: @mozilla.org/dom/slow-script-debug;1Failed to listen. Callback argument missing.devtools/client/framework/devtools-browserdevtools.debugger.remote-websocketFailed to execute WebChannel callback:Failed to listen. Listener already attached.devtools/client/framework/devtools@mozilla.org/uriloader/local-handler-app;1http://win.mail.ru/cgi-bin/sentmsg?mailto=%s{c6cf88b7-452e-47eb-bdc9-86e3561648ef}resource://gre/modules/FileUtils.sys.mjshandlerSvc fillHandlerInfo: don't know this typehttps://mail.inbox.lv/compose?to=%s@mozilla.org/uriloader/web-handler-app;1Scheme should be either http or httpsextractScheme/fixupChangedProtocol<gecko.handlerService.defaultHandlersVersionhttp://compose.mail.yahoo.co.jp/ym/Compose?To=%sresource://gre/modules/NetUtil.sys.mjs@mozilla.org/network/file-input-stream;1_finalizeInternal/this._finalizePromise<resource://gre/modules/DeferredTask.sys.mjsresource://gre/modules/JSONFile.sys.mjs@mozilla.org/uriloader/dbus-handler-app;1resource://gre/modules/DeferredTask.sys.mjsresource://gre/modules/URIFixup.sys.mjsresource://gre/modules/FileUtils.sys.mjsresource://gre/modules/ExtHandlerService.sys.mjshttps://e.mail.ru/cgi-bin/sentmsg?mailto=%sCan't invoke URIFixup in the content processresource://gre/modules/JSONFile.sys.mjs{33d75835-722f-42c0-89cc-44f328e56a86}get FIXUP_FLAG_FORCE_ALTERNATE_URIisDownloadsImprovementsAlreadyMigratedhttps://mail.yahoo.co.jp/compose/?To=%shttp://poczta.interia.pl/mh/?mailto=%s_injectDefaultProtocolHandlersIfNeededhttp://www.inbox.lv/rfc2368/?value=%shttps://poczta.interia.pl/mh/?mailto=%s@mozilla.org/network/input-stream-pump;1@mozilla.org/network/async-stream-copier;1newChannel requires a single object argumentSEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULLFirst argument should be an nsIInputStreamNon-zero amount of bytes must be specified@mozilla.org/network/simple-stream-listener;1https://mail.yahoo.co.jp/compose/?To=%s@mozilla.org/scriptableinputstream;1@mozilla.org/intl/converter-input-stream;1https://e.mail.ru/cgi-bin/sentmsg?mailto=%sh
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Must have a source and a callback@mozilla.org/network/simple-stream-listener;1@mozilla.org/network/async-stream-copier;1@mozilla.org/uriloader/web-handler-app;1resource://gre/modules/ExtHandlerService.sys.mjs@mozilla.org/network/input-stream-pump;1gecko.handlerService.defaultHandlersVersionnewChannel requires a single object argumentSEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULLresource://gre/modules/FileUtils.sys.mjshttps://mail.yahoo.co.jp/compose/?To=%sresource://gre/modules/URIFixup.sys.mjs@mozilla.org/uriloader/local-handler-app;1First argument should be an nsIInputStreamNon-zero amount of bytes must be specified@mozilla.org/intl/converter-input-stream;1resource://gre/modules/JSONFile.sys.mjs@mozilla.org/scriptableinputstream;1http://win.mail.ru/cgi-bin/sentmsg?mailto=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%shttp://compose.mail.yahoo.co.jp/ym/Compose?To=%shttp://www.inbox.lv/rfc2368/?value=%shttps://mail.inbox.lv/compose?to=%shttps://poczta.interia.pl/mh/?mailto=%shandlerSvc fillHandlerInfo: don't know this typehttp://poczta.interia.pl/mh/?mailto=%sresource://gre/modules/NetUtil.sys.mjs@mozilla.org/uriloader/dbus-handler-app;1resource://gre/modules/DeferredTask.sys.mjs@mozilla.org/network/file-input-stream;1_finalizeInternal/this._finalizePromise<set styleSheetChangeEventsEnabledshouldReportForServiceWorkerScopedevToolsAnonymousAndShadowEventsEnabledWarning: unrecognized command line flagget styleSheetChangeEventsEnabledget hasValidTransientUserGestureActivationhttps://mail.yandex.ru/compose?mailto=%shttps://poczta.interia.pl/mh/?mailto=%sVALIDATE_DONT_COLLAPSE_WHITESPACEresource://gre/modules/Integration.sys.mjshttps://mail.inbox.lv/compose?to=%s_trackWindowOrder/firstMinimizedWindow<DOCUMENT_POSITION_IMPLEMENTATION_SPECIFICpreviousHandler.alwaysAskBeforeHandling.consumeTransientUserGestureActivationhttps://mail.yahoo.co.jp/compose/?To=%spdfjs.previousHandler.preferredAction@mozilla.org/uriloader/handler-service;1@mozilla.org/uriloader/handler-service;1resource://gre/modules/PromiseUtils.sys.mjs@mozilla.org/file/directory_service;1{6ebc941a-f2ff-4d56-b3b6-f7d0b9d73344}@mozilla.org/preferences-service;1@mozilla.org/embedcomp/window-watcher;1browser.download.viewableInternally.resource:///modules/HomePage.sys.mjsget devToolsAnonymousAndShadowEventsEnabledset devToolsAnonymousAndShadowEventsEnabledget mozDocumentURIIfNotForErrorPageshttps://e.mail.ru/cgi-bin/sentmsg?mailto=%spdfjs.previousHandler.alwaysAskBeforeHandling{96cf7855-dfa9-4c6d-8276-f9705b4890f2}resource://gre/modules/BrowserUtils.sys.mjs equals www.yahoo.com (Yahoo)
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F5440C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F5440C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;engine&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttp://www.inbox.lv/rfc2368/?value=%s equals www.yahoo.com (Yahoo)
    Source: firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Z equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: onPrefEnabledChanged() - removing gmp directory KEY_PLUGIN_LAST_INSTALL_FAIL_REASONKEY_PLUGIN_LAST_DOWNLOAD_FAIL_REASONstartup - adding clearkey CDM failedmedia.{0}.allow-x64-plugin-on-arm64onPrefEnabledChanged() - adding gmp directory - the given reason to update is not supporteduninstallPlugin() - unregistering gmp directory media.gmp-manager.secondsBetweenCheckssitepermsaddon-provider-registered*://c.amazon-adsystem.com/aax2/apstag.jsFileUtils_closeSafeFileOutputStreamFileUtils_closeAtomicFileOutputStream*://static.criteo.net/js/ld/publishertag.js*://connect.facebook.net/*/sdk.js**://connect.facebook.net/*/all.js**://cdn.branch.io/branch-latest.min.js**://static.chartbeat.com/js/chartbeat.js*://track.adform.net/serving/scripts/trackpoint/FileUtils_openSafeFileOutputStreamwebcompat-reporter%40mozilla.org:1.5.1*://www.everestjs.net/static/st.v3.js**://static.chartbeat.com/js/chartbeat_video.js*://*.imgur.io/js/vendor.*.bundle.js@mozilla.org/network/safe-file-output-stream;1pictureinpicture%40mozilla.org:1.0.0*://auth.9c9media.ca/auth/main.jsresource://gre/modules/addons/XPIProvider.jsm@mozilla.org/network/file-output-stream;1resource://gre/modules/FileUtils.sys.mjswebcompat-reporter@mozilla.org.xpihttps://smartblock.firefox.etp/facebook.svgFileUtils_openAtomicFileOutputStream@mozilla.org/network/atomic-file-output-stream;1*://*.imgur.com/js/vendor.*.bundle.js*://www.rva311.com/static/js/main.*.chunk.js*://web-assets.toggl.com/app/assets/scripts/*.js*://pub.doubleverify.com/signals/pub.js**://libs.coremetrics.com/eluminate.js@mozilla.org/addons/addon-manager-startup;1resource://gre/modules/TelemetryStorage.sys.mjs equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000000E.00000002.1497664111.0000023F44A6B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597028492.000002F52F16B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%s
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttp://www.inbox.lv/rfc2368/?value=%s
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%sresource://gre/modules/NetUtil.sys.mjs
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
    Source: firefox.exe, 0000002E.00000003.1845258733.000001E0AD9F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000002E.00000003.1845258733.000001E0AD9F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://dev.w3.org/html5/spec/rendering.html#rendering
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListenerFailed
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListenerThe
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50226000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A826000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50261000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A857000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50226000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A826000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50261000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions
    Source: firefox.exe, 0000001E.00000002.1598215452.000002F53A857000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions0
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50226000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A826000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
    Source: firefox.exe, 0000000E.00000002.1497664111.0000023F44A03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597028492.000002F52F103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/stringsp
    Source: firefox.exe, 0000002E.00000003.1781164557.000001E0AB7E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000E.00000002.1511544970.0000023F54585000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1512082521.0000023F54707000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1511162982.0000023F54476000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492364584.0000023F54767000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1509736100.0000023F51FF0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A56000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1512082521.0000023F54704000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1591513110.000002F53F71A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621653520.000002F53F71A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1615772244.000002F53EB55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E737000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621136879.000002F53F67B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E710000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F3A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621290510.000002F53F6F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1620718756.000002F53F555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1617416443.000002F53EEA0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sresource://gre/modules/NetUtil.sys.mjs
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
    Source: firefox.exe, 0000001E.00000002.1619220755.000002F53F4D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1665443151.000001E0A30AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/cld/languages/internal/languages.cc
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%shttp://compos
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.ethiopic.org/Collation/OrderedLists.html.
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.google.com
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
    Source: firefox.exe, 0000002E.00000003.1772668482.000001E0AC043000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-update
    Source: firefox.exe, 0000002E.00000003.1660553316.000001E09F180000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 0000001E.00000002.1612331816.000002F53E003000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1859686480.000001E0A1B6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1774559730.000001E0A1B6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul%
    Source: firefox.exe, 0000001E.00000002.1615772244.000002F53EB3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul(
    Source: firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul);
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul.popup-notification-description
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul:
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E7CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulR
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://extensions/content/parent/ext-
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://passwordmgr/locale/passwordmgr
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulopenPreferences/internalPrefCategoryNam
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AFA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulresource:///modules/sessionstore/Sessio
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulsrc=image
    Source: firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/newlayout/xml/parsererror.xml);
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000003.1490688105.0000023F5473C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1601515142.000002F53B103000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A9BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/LOAD_RECORD_START_REQUEST_DELAYwikipedia
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/_contentPartitionedPrincipal
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000002E.00000003.1748578256.000001E0AD5A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1793327416.000001E0AD5C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1719504089.000001E0AD5C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1794283741.000001E0AD31F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1767590307.000001E0AD5A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.orgbrowser.migration.versionmedia.autoplay.blocking_policydevice-connected-no
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.orghttps://monitor.firefox.comchrome://browser/skin/menu.svg
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.orgl
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54457000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.orgx
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000001E.00000002.1597028492.000002F52F111000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696495411400900000.2&ci=1696495411208.
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696495411400900000.1&ci=1696495411208.12791&cta
    Source: firefox.exe, 0000001E.00000002.1615772244.000002F53EBEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1612543962.000002F53E146000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
    Source: firefox.exe, 0000001E.00000002.1612331816.000002F53E0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1854614037.000001E0A1BB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180D
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180toolbar-context-menu-bookmarks-toolbar-on-new-ta
    Source: firefox.exe, 0000000E.00000002.1508013289.0000023F51A56000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1378427
    Source: firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1403293
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1592344
    Source: firefox.exe, 0000002E.00000003.1822987690.000001E0AD23D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000002E.00000003.1813911253.000001E0A32F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 0000001E.00000002.1597028492.000002F52F111000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1697411545.000001E0AA02E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTab
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabPlease
    Source: firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F36F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureOffscreenCanvas.toBlob()
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequest
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F371000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCapture
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F36F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureInstallTrigger.install()
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryption
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestSto
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1603670872.000002F53B487000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1564327684.000002F53B533000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1814408111.000001E0A3218000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsLis
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsjar
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsing
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingTrying
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1697411545.000001E0AA02E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drafts.csswg.org/css-lists-3/#ua-stylesheet
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drafts.csswg.org/css-scoping/#slots-in-shadow-tree
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com
    Source: firefox.exe, 0000002E.00000003.1838594346.000001E0A2667000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000E.00000002.1513514553.00003D675F300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/Z
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sCan
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1610812349.000002F53DC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%sFailed
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F371000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608223044.000002F53B9F0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F3DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF24000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1607448959.000002F53B729000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1606263041.000002F53B653000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1826682868.000001E09F029000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1788691746.000001E09F029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/remote/Security.html
    Source: firefox.exe, 0000002E.00000003.1762191883.000001E0A33C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main-preview/collections/search-config/reco
    Source: firefox.exe, 0000002E.00000003.1762191883.000001E0A33C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records
    Source: firefox.exe, 0000002E.00000003.1762191883.000001E0A33C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsr
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A798000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1805655294.000001E09E0BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1Connecting
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1It
    Source: firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1i
    Source: firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1i#
    Source: firefox.exe, 0000001E.00000002.1598215452.000002F53A83A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1624933131.0000361658C04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600072218.000002F53AE03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E762000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DEC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.comU
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000E.00000002.1507904256.0000023F51903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1697411545.000001E0AA02E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/re2/blob/master/doc/syntax.txt
    Source: firefox.exe, 0000002E.00000003.1811716403.000001E0AA026000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000002E.00000003.1811716403.000001E0AA026000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000E.00000003.1490688105.0000023F5473C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1615772244.000002F53EBEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshotsexperiment-apis/aboutConfigPrefs.jsonexperiment-apis/
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshotsexperiment-apis/appConstants.jsonexperiment-apis/matc
    Source: firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/1072
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/whatwg/html/issues/8610
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000001E.00000002.1597028492.000002F52F111000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1805655294.000001E09E0BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881Used
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881Whether
    Source: firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881a
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/#bidi-rendering
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/#flow-content-3
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/#hidden-elements
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/#the-details-and-summary-elements
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/#the-hr-element-2
    Source: firefox.exe, 0000002E.00000003.1748578256.000001E0AD541000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1722059720.000001E0AD541000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1758498140.000001E0AD7DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1721141472.000001E0AD541000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1753735260.000001E0AD7DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqd4plX4pbW1CbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000001E.00000002.1606263041.000002F53B68B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000002.1508013289.0000023F51AC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510987213.0000023F5431D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1507904256.0000023F51921000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608310071.000002F53BB04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608552886.000002F53BF15000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1610812349.000002F53DC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%sresource:///modules/sessionstore/SessionStore.sys.
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%sresource://gre/modules/handlers/HandlerList.sys.mj
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%ssetSlowScriptDebugHandler/debugService.remoteActiv
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%shttp://poczta.interia.pl/mh/?mailto=%s_injectDefaultProtocolH
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%sresource://gre/modules/URIFixup.sys.mjs
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
    Source: firefox.exe, 0000000E.00000002.1497664111.0000023F44AD7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.0000014112372000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597028492.000002F52F1DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000021.00000002.1594024498.0000021915A72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggestabout
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.comS
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000001E.00000002.1623204528.00000DABD1A04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1612331816.000002F53E0B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1854614037.000001E0A1BB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org/
    Source: firefox.exe, 0000001E.00000002.1612543962.000002F53E146000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org/W
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1603019232.000002F53B355000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1603670872.000002F53B403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mzl.la/3NS9KJd
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000002.1510987213.0000023F5431D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1610812349.000002F53DC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%schrome://browser/content/schemas/devtools_ins
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%sresource://pdf.js/PdfJsDefaultPreferences.sys
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000E.00000002.1510987213.0000023F5431D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000001E.00000002.1611953465.000002F53DF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s4
    Source: firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000001E.00000002.1609808766.000002F53C993000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
    Source: firefox.exe, 0000001E.00000002.1610417263.000002F53DB97000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.comTY8H
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.comWebChannelMessageToContentMOZ_BROWSER_TOOLBOX_BINARYnsIExternalProtocolS
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/Web
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/lib/about_compat_broker.js
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/lib/about_compat_broker.js__MSG_searchUrlGetParams__shims/mochitest-
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.combrowser.handlers.migrationschrome://browser/skin/menu.svgbookmarksToo
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.comshowBadgeOnlyNotificationaccount-connection-connected_migrateXULStore
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.comzA8
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svgFileUtils_openAtomicFileOutputStream
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svghttps://smartblock.firefox.etp/facebook.svg
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-jsgetScalars
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixelC:
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000002E.00000003.1847073421.000001E0AD69E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000002E.00000003.1809184010.000001E0ADAB3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windows
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThe
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsUse
    Source: firefox.exe, 0000002E.00000003.1772668482.000001E0AC043000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.orgBROWSER_SET_DEFAULT_ALWAYS_CHECKSHUTDOWN_CACHE_WRITE_TIMEOUT_MSPopulating
    Source: firefox.exe, 0000001E.00000003.1566051256.000002F53E774000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1656816376.000001E0A2072000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://svgwg.org/svg2-draft/struct.html#SymbolNotes:
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-west-first-party-cookies).
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com(7O
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E733000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://w3c.github.io/mathml-core/#dfn-maction
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E733000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://w3c.github.io/mathml-core/#dfn-semantics
    Source: firefox.exe, 0000001E.00000002.1614414380.000002F53E733000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://w3c.github.io/mathml-core/#the-mathvariant-attribute
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1697411545.000001E0AA02E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000002E.00000003.1701577910.000001E0AB705000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_e149f5d53c9263616797a13067f7a114fa287709b159d0a5
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/chrome://extensions/content/schemas/experiments.j
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/chrome://extensions/content/schemas/user_scripts_
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/linear-gradient(90deg
    Source: firefox.exe, 0000001E.00000002.1620718756.000002F53F555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1591616441.000002F53F6E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1665864243.000001E0A3056000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.certificate-transparency.org/what-is-ct
    Source: firefox.exe, 0000002E.00000003.1701103477.000001E0AA11C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1602424878.000002F53B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/
    Source: firefox.exe, 0000001E.00000002.1601515142.000002F53B18F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/2
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/List
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/searchamazondotcom
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/searchhttps://www.google.com/searchasyncEmitManifestEntry(
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
    Source: firefox.exe, 0000001E.00000002.1598215452.000002F53A83A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1606263041.000002F53B603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1624933131.0000361658C04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600072218.000002F53AE03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1594439652.000000F76C03C000.00000004.00000010.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DEC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 0000000E.00000002.1503714556.0000023F50255000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A857000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
    Source: firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.orgL4
    Source: firefox.exe, 0000000E.00000002.1496875246.00000057E4EFB000.00000004.00000010.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1594439652.000000F76C03C000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.orgo
    Source: firefox.exe, 0000000E.00000002.1504309306.0000023F503B3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1602424878.000002F53B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
    Source: firefox.exe, 0000001E.00000002.1601515142.000002F53B18F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org//
    Source: firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E79B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
    Source: firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1602424878.000002F53B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/
    Source: firefox.exe, 0000001E.00000002.1601515142.000002F53B18F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/3
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/get
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/setupInstallLocations/locations
    Source: firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Z
    Source: firefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warningThe
    Source: firefox.exe, 00000021.00000002.1594899356.0000021915B80000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/chal
    Source: firefox.exe, 00000010.00000002.1494738179.0000014112240000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/chalQ
    Source: firefox.exe, 0000002E.00000003.1847073421.000001E0AD69E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1748578256.000001E0AD5A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1752705388.000001E0AD361000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1793327416.000001E0AD5C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1719504089.000001E0AD5C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1748578256.000001E0AD533000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1776024860.000001E0AD361000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1767590307.000001E0AD5A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000C.00000002.1453355041.0000021EF3F67000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.1478662120.000002924C39A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1497433638.0000023F447B0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001C.00000002.1533976640.000001B395D70000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.1554542996.0000020F63719000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1596442764.000002F52EE00000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002C.00000002.1645726793.000001F364E40000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002D.00000002.1652687451.0000018386FEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdDuration
    Source: firefox.exe, 0000000E.00000002.1502135909.0000023F46680000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1502135909.0000023F466BA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494738179.0000014112244000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494410131.0000014111F70000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594899356.0000021915B84000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593699934.0000021915690000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1680686653.000001E094210000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1686536341.000001E0A23A8000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1680686653.000001E094213000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: firefox.exe, 0000001E.00000002.1596442764.000002F52EE00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdV
    Source: firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwddedupeLogins:
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdmoz-extension://9f78
    Source: firefox.exe, 0000000E.00000002.1506479057.0000023F50C24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdmoz-extension://d5dd
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
    Source: unknownNetwork traffic detected: HTTP traffic on port 53069 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53125
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53047
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53124
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53123
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53122
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53129
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53128
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53127
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53049
    Source: unknownNetwork traffic detected: HTTP traffic on port 53126 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53126
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53050
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53055
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53132
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53131
    Source: unknownNetwork traffic detected: HTTP traffic on port 53066 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53130
    Source: unknownNetwork traffic detected: HTTP traffic on port 53059 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53139 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53112 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
    Source: unknownNetwork traffic detected: HTTP traffic on port 53116 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53049 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53074 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53059
    Source: unknownNetwork traffic detected: HTTP traffic on port 53127 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53136
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53057
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53134
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53133
    Source: unknownNetwork traffic detected: HTTP traffic on port 53123 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53139
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53138
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53137
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53060
    Source: unknownNetwork traffic detected: HTTP traffic on port 53120 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53066
    Source: unknownNetwork traffic detected: HTTP traffic on port 53067 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53140
    Source: unknownNetwork traffic detected: HTTP traffic on port 53138 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53130 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53117 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53134 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53050 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53073 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53140 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53069
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53067
    Source: unknownNetwork traffic detected: HTTP traffic on port 53124 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53128 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53073
    Source: unknownNetwork traffic detected: HTTP traffic on port 53121 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53060 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53057 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53074
    Source: unknownNetwork traffic detected: HTTP traffic on port 53114 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53131 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53137 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53118 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53133 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53119
    Source: unknownNetwork traffic detected: HTTP traffic on port 53047 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53114
    Source: unknownNetwork traffic detected: HTTP traffic on port 53055 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53112
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53118
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53117
    Source: unknownNetwork traffic detected: HTTP traffic on port 53129 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53116
    Source: unknownNetwork traffic detected: HTTP traffic on port 53125 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53115
    Source: unknownNetwork traffic detected: HTTP traffic on port 53122 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53121
    Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53120
    Source: unknownNetwork traffic detected: HTTP traffic on port 53115 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53136 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53119 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 53132 -> 443
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53049 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.9:53067 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.9:53074 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53115 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53121 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53120 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53126 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.129.91:443 -> 192.168.2.9:53127 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.9:53128 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53132 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53133 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.9:53131 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.9:53134 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53138 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.9:53139 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0046EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_0046ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0046EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0045AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00489576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_00489576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000000.1371884145.00000000004B2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_aee43b98-6
    Source: random.exe, 00000000.00000000.1371884145.00000000004B2000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_9c7c0431-a
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0045D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00451201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00451201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0045E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003FBF400_2_003FBF40
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004620460_2_00462046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F80600_2_003F8060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004582980_2_00458298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0042E4FF0_2_0042E4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0042676B0_2_0042676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004848730_2_00484873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003FCAF00_2_003FCAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0041CAA00_2_0041CAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0040CC390_2_0040CC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00426DD90_2_00426DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0040B1190_2_0040B119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F91C00_2_003F91C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004113940_2_00411394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004117060_2_00411706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0041781B0_2_0041781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F79200_2_003F7920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0040997D0_2_0040997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004119B00_2_004119B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00417A4A0_2_00417A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00411C770_2_00411C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00443CD20_2_00443CD2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00417CA70_2_00417CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0047BE440_2_0047BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00429EEE0_2_00429EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00411F320_2_00411F32
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00414963 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 003F9CB3 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 00410A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 0040F9F2 appears 40 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal84.troj.evad.winEXE@74/13@76/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004637B5 GetLastError,FormatMessageW,0_2_004637B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004510BF AdjustTokenPrivileges,CloseHandle,0_2_004510BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004516C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_004516C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004651CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_004651CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0045D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_0046648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F42A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_003F42A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7584:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7972:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6684:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7484:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7848:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7704:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8152:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6524:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7908:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7788:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7372:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6060:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6728:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5448:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7728:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: random.exeVirustotal: Detection: 30%
    Source: random.exeReversingLabs: Detection: 28%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7549311c-e0e7-4a01-aa93-591359495f37} 8084 "\\.\pipe\gecko-crash-server-pipe.8084" 23f44a6eb10 socket
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2308 -parentBuildID 20230927232528 -prefsHandle 2252 -prefMapHandle 2236 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2597704f-3549-4520-87b8-69786454f492} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2f52f16f510 socket
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2276 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3665753-fa1f-4a96-aa92-02db64cd4d7c} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e09296d710 socket
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2660 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1356 -prefMapHandle 2712 -prefsLen 32327 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a077616c-92d4-4020-bf3e-bb2a9ef83594} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e0a9ee7710 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7549311c-e0e7-4a01-aa93-591359495f37} 8084 "\\.\pipe\gecko-crash-server-pipe.8084" 23f44a6eb10 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2308 -parentBuildID 20230927232528 -prefsHandle 2252 -prefMapHandle 2236 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2597704f-3549-4520-87b8-69786454f492} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2f52f16f510 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2276 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3665753-fa1f-4a96-aa92-02db64cd4d7c} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e09296d710 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2660 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1356 -prefMapHandle 2712 -prefsLen 32327 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a077616c-92d4-4020-bf3e-bb2a9ef83594} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e0a9ee7710 utility
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile written: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\compatibility.iniJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: The name of the library's debug file. For example, 'xul.pdb source: firefox.exe, 0000001E.00000002.1620718756.000002F53F521000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: "description": "The name of the library's debug file. For example, 'xul.pdb" source: firefox.exe, 0000001E.00000002.1620718756.000002F53F533000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621463932.000002F53F70E000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: Whether the suggest result can be deleted by the user.An object encapsulating one result of a history query.The id of the tab for which you want to modify the page action.Information sent when a context menu item is clicked.The details of the tab where the menu was opened.Gets the html document set as the popup for this page action.Gathers the profile data from the current profiling session.The algorithm used to hash the extension XPI file.Opens the extension page action in the active window.The maximum number of results to retrieve. Defaults to 100.Whether to also include default menu items in the menu.The number of times the user has navigated to this page.An integer value of button by which menu item was clicked.An integer value of button by which menu item was clicked.The id of the tab for which you want to modify the page action.Specifies a command to issue for the context click.The version of the extension installed by the study.The record ID for the extension in Normandy server's database.Marks the study as ended and then uninstalls the addon.Removes all occurrences of the given URL from the history.Fired when the title of a URL is changed in the browser history.The id of the tab for which you want to modify the page action.A list of thread names for which to capture profiles.Stops the profiler and discards any captured profile data.The name of the file inside the profile/profiler directoryThe id of the tab for which you want to modify the page action.The type of menu item. Defaults to 'normal' if not specified.The id of the tab for which you want to modify the page action.The name of the library's debug file. For example, 'xul.pdbRequired when context is 'tab'. Requires 'tabs' permission.The style ranges for the description, as provided by ToValue().Removes all context menu items added by this extension.A partial SuggestResult object, without the 'content' parameter.Search engine to use. Uses the default if not specified.Use the chrome.search API to search via the default provider.The key which corresponds to the value being set.Include sites that the user has pinned on the Firefox new tab.GET parameters to the search_url as a query string.The id of the tab whose value is being retrieved from.POST parameters to the search_url as a query string.Location where search results should be displayed.String to query with the default search provider.User has accepted what is typed into the omnibox.checks whether a PKCS#11 module, given by name, is installedThe id of the tab that the key/value pair is being set on.Retrieve a value that was set for a given key on a given window.Retrieve a value that was set for a given key on a given tab.The id of the tab whose key/value pair is being removed.Remove a key/value pair that was set on a given window.The name of the alarm to clear. Defaults to the empty string.Gets the list of recently closed tabs and/or windows.The style ranges for the description, as provided by ToValue().The key which corresponds to
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_003F42DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00410A76 push ecx; ret 0_2_00410A89
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0040F98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_0040F98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00481C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_00481C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-96148
    Source: C:\Users\user\Desktop\random.exeWindow / User API: threadDelayed 459Jump to behavior
    Source: C:\Users\user\Desktop\random.exeWindow / User API: threadDelayed 513Jump to behavior
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 4.1 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0045DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0042C2A2 FindFirstFileExW,0_2_0042C2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004668EE FindFirstFileW,FindClose,0_2_004668EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0046698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0045D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0045D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00469642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00469642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0046979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00469B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00469B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00465C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00465C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_003F42DE
    Source: firefox.exe, 0000000E.00000002.1502135909.0000023F466BA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll`:
    Source: firefox.exe, 00000021.00000002.1595362412.0000021915D00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll%
    Source: firefox.exe, 0000000E.00000002.1502135909.0000023F46680000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530CE0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593699934.000002191569A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593699934.00000219156C6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 0000000E.00000002.1504309306.0000023F503B3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A9AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1595042948.0000021915C13000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000021.00000002.1595362412.0000021915D00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllj
    Source: firefox.exe, 00000010.00000002.1494410131.0000014111F7A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: firefox.exe, 0000000E.00000002.1502135909.0000023F466BA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597481148.000002F530D19000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0046EAA2 BlockInput,0_2_0046EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00422622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00422622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_003F42DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00414CE8 mov eax, dword ptr fs:[00000030h]0_2_00414CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00450B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00450B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00422622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00422622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0041083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_0041083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004109D5 SetUnhandledExceptionFilter,0_2_004109D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00410C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00410C21

    HIPS / PFW / Operating System Protection Evasion

    barindex
    Excessive usage of taskkill to terminate processes
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00451201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00451201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00432BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_00432BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0045B226 SendInput,keybd_event,0_2_0045B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004722DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_004722DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" -contentproc --channel=2276 -parentbuildid 20230927232528 -prefshandle 2224 -prefmaphandle 2220 -prefslen 25315 -prefmapsize 238769 -win32klockeddown -appdir "c:\program files\mozilla firefox\browser" - {e3665753-fa1f-4a96-aa92-02db64cd4d7c} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e09296d710 socket
    Source: C:\Windows\System32\conhost.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "c:\program files\mozilla firefox\firefox.exe" -contentproc --channel=2660 -parentbuildid 20230927232528 -sandboxingkind 0 -prefshandle 1356 -prefmaphandle 2712 -prefslen 32327 -prefmapsize 238769 -win32klockeddown -appdir "c:\program files\mozilla firefox\browser" - {a077616c-92d4-4020-bf3e-bb2a9ef83594} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e0a9ee7710 utility
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00450B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00450B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00451663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00451663
    Source: random.exe, 00000000.00000000.1371884145.00000000004B2000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00410698 cpuid 0_2_00410698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0044D21C GetLocalTime,0_2_0044D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0044D27A GetUserNameW,0_2_0044D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0042B952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_0042B952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_003F42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_003F42DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7632, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exe, 00000000.00000000.1371884145.00000000004B2000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7632, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00471204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00471204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00471806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00471806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		12
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain Accounts1
    Command and Scripting Interpreter    		Logon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager3
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets121
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem11
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1609456 Sample: random.exe Startdate: 07/02/2025 Architecture: WINDOWS Score: 84 50 youtube.com 2->50 52 youtube-ui.l.google.com 2->52 54 39 other IPs or domains 2->54 64 Antivirus / Scanner detection for submitted sample 2->64 66 Multi AV Scanner detection for submitted file 2->66 68 Yara detected Credential Flusher 2->68 70 3 other signatures 2->70 8 random.exe 2->8         started        11 firefox.exe 2->11         started        13 firefox.exe 1 2->13         started        15 firefox.exe 1 2->15         started        signatures3 process4 signatures5 72 Binary is likely a compiled AutoIt script file 8->72 74 Found API chain indicative of sandbox detection 8->74 76 Excessive usage of taskkill to terminate processes 8->76 17 taskkill.exe 1 8->17         started        19 taskkill.exe 1 8->19         started        21 taskkill.exe 1 8->21         started        30 15 other processes 8->30 23 firefox.exe 11->23         started        26 firefox.exe 3 40 13->26         started        28 firefox.exe 40 15->28         started        process6 dnsIp7 32 conhost.exe 17->32         started        34 conhost.exe 19->34         started        36 conhost.exe 21->36         started        56 youtube.com 142.250.181.238, 443, 49941, 53047 GOOGLEUS United States 23->56 58 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 53048, 53056, 53068 GOOGLEUS United States 23->58 62 11 other IPs or domains 23->62 46 2 other processes 23->46 60 127.0.0.1 unknown unknown 26->60 38 firefox.exe 1 26->38         started        40 firefox.exe 1 28->40         started        42 conhost.exe 30->42         started        44 conhost.exe 30->44         started        48 10 other processes 30->48 process8

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe31%VirustotalBrowse
    random.exe29%ReversingLabsWin32.Ransomware.Generic
    random.exe100%AviraTR/ATRAPS.Gen
    random.exe100%Joe Sandbox ML

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://addons.mozilla.orghttps://monitor.firefox.comchrome://browser/skin/menu.svg0%Avira URL Cloudsafe
    https://screenshots.firefox.com/lib/about_compat_broker.js__MSG_searchUrlGetParams__shims/mochitest-0%Avira URL Cloudsafe
    https://screenshots.firefox.comzA80%Avira URL Cloudsafe
    https://www.openh264.org//0%Avira URL Cloudsafe
    https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()0%Avira URL Cloudsafe
    https://html.spec.whatwg.org/#the-hr-element-20%Avira URL Cloudsafe
    https://screenshots.firefox.com/Web0%Avira URL Cloudsafe
    http://src.chromium.org/viewvc/chrome/trunk/src/third_party/cld/languages/internal/languages.cc0%Avira URL Cloudsafe
    https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsr0%Avira URL Cloudsafe
    https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records0%Avira URL Cloudsafe
    https://smartblock.firefox.etp/facebook.svgFileUtils_openAtomicFileOutputStream0%Avira URL Cloudsafe
    https://screenshots.firefox.com/lib/about_compat_broker.js0%Avira URL Cloudsafe
    https://profiler.firefox.comTY8H0%Avira URL Cloudsafe
    https://svgwg.org/svg2-draft/struct.html#SymbolNotes:0%Avira URL Cloudsafe
    https://monitor.firefox.comS0%Avira URL Cloudsafe
    http://www.ethiopic.org/Collation/OrderedLists.html.0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		23.215.0.133
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.253.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.1
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		52.35.181.117
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.129.91
                  		truefalse
                    		high
                    s-part-0017.t-0009.t-msedge.net
                    		13.107.246.45
                    		truefalse
                      		high
                      dyna.wikimedia.org
                      		185.15.59.224
                      		truefalse
                        		high
                        prod.remote-settings.prod.webservices.mozgcp.net
                        		34.149.100.209
                        		truefalse
                          		high
                          contile.services.mozilla.com
                          		34.117.188.166
                          		truefalse
                            		high
                            youtube.com
                            		142.250.181.238
                            		truefalse
                              		high
                              prod.content-signature-chains.prod.webservices.mozgcp.net
                              		34.160.144.191
                              		truefalse
                                		high
                                a19.dscg10.akamai.net
                                		2.22.61.56
                                		truefalse
                                  		high
                                  youtube-ui.l.google.com
                                  		142.250.185.78
                                  		truefalse
                                    		high
                                    us-west1.prod.sumo.prod.webservices.mozgcp.net
                                    		34.149.128.2
                                    		truefalse
                                      		high
                                      reddit.map.fastly.net
                                      		151.101.193.140
                                      		truefalse
                                        		high
                                        ipv4only.arpa
                                        		192.0.0.170
                                        		truefalse
                                          		high
                                          prod.ads.prod.webservices.mozgcp.net
                                          		34.117.188.166
                                          		truefalse
                                            		high
                                            push.services.mozilla.com
                                            		34.107.243.93
                                            		truefalse
                                              		high
                                              normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                              		34.49.51.44
                                              		truefalse
                                                		high
                                                telemetry-incoming.r53-2.services.mozilla.com
                                                		34.120.208.123
                                                		truefalse
                                                  		high
                                                  www.reddit.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    spocs.getpocket.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      content-signature-2.cdn.mozilla.net
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        support.mozilla.org
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          firefox.settings.services.mozilla.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            206.23.85.13.in-addr.arpa
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              www.youtube.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                www.facebook.com
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  detectportal.firefox.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    normandy.cdn.mozilla.net
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high
                                                                      shavar.services.mozilla.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high
                                                                        www.wikipedia.org
                                                                        		unknown
                                                                        		unknownfalse
                                                                          		high

                                                                          URLs from Memory and Binaries

                                                                          NameSourceMaliciousAntivirus DetectionReputation
                                                                          https://www.openh264.org//firefox.exe, 0000001E.00000002.1601515142.000002F53B18F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsLisfirefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                              		high
                                                                              https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://screenshots.firefox.comzA8firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://datastudio.google.com/embed/reporting/firefox.exe, 0000002E.00000003.1857618472.000001E0AB782000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1697411545.000001E0AA02E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsfirefox.exe, 0000002E.00000003.1762191883.000001E0A33C8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 0000000E.00000002.1497664111.0000023F44AD7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.0000014112372000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597028492.000002F52F1DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915A72000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://spocs.getpocket.com/spocsfirefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://mail.yahoo.co.jp/compose/?To=%shttp://poczta.interia.pl/mh/?mailto=%s_injectDefaultProtocolHfirefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://screenshots.firefox.comfirefox.exe, 0000001E.00000002.1611314859.000002F53DEDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://completion.amazon.com/search/complete?q=firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://monitor.firefox.com/breach-details/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()firefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://addons.mozilla.orghttps://monitor.firefox.comchrome://browser/skin/menu.svgfirefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://profiler.firefox.com/firefox.exe, 0000001E.00000002.1609808766.000002F53C993000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696495411400900000.1&ci=1696495411208.12791&ctafirefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://screenshots.firefox.com/lib/about_compat_broker.js__MSG_searchUrlGetParams__shims/mochitest-firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://html.spec.whatwg.org/#the-hr-element-2firefox.exe, 0000001E.00000002.1614414380.000002F53E723000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://firefox.settings.services.mozilla.com/v1Connectingfirefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000E.00000003.1490688105.0000023F5473C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490561067.0000023F5471F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490954034.0000023F54777000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490398267.0000023F54500000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1490806027.0000023F5475A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1615772244.000002F53EBEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881Whetherfirefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequestfirefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  http://exslt.org/setsfirefox.exe, 0000000E.00000002.1503714556.0000023F50226000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A826000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://screenshots.firefox.com/Webfirefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                      		unknown
                                                                                                                                      http://src.chromium.org/viewvc/chrome/trunk/src/third_party/cld/languages/internal/languages.ccfirefox.exe, 0000001E.00000002.1619220755.000002F53F4D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1665443151.000001E0A30AA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                      		unknown
                                                                                                                                      https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingfirefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://api.accounts.firefox.com/v1firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://exslt.org/commonfirefox.exe, 0000000E.00000002.1503714556.0000023F50226000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A826000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://firefox.settings.services.mozilla.com/v1ifirefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThefirefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://fpn.firefox.comfirefox.exe, 0000001E.00000002.1598215452.000002F53A83A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1624933131.0000361658C04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600072218.000002F53AE03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E762000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DEC3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.widevine.com/firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1602424878.000002F53B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsrfirefox.exe, 0000002E.00000003.1762191883.000001E0A33C8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                          		unknown
                                                                                                                                                          https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.google.com/policies/privacy/2firefox.exe, 0000001E.00000002.1601515142.000002F53B18F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://exslt.org/dates-and-timesfirefox.exe, 0000000E.00000002.1503714556.0000023F50261000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A857000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesfirefox.exe, 0000002E.00000003.1772668482.000001E0AC043000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505014672.0000023F50882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1604630093.000002F53B52A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.youtube.com/firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1811313448.000025C807403000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://127.0.0.1:firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000000E.00000002.1497664111.0000023F44A6B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1597028492.000002F52F16B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://bugzilla.mofirefox.exe, 0000001E.00000002.1615772244.000002F53EBEE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://mitmdetection.services.mozilla.com/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://amazon.comfirefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E78C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.google.com/policies/privacy/Listfirefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpgfirefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1503714556.0000023F502AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.1494958638.00000141123CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598215452.000002F53A8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1594024498.0000021915AC8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://firefox.settings.services.mozilla.com/v1i#firefox.exe, 0000001E.00000002.1598729242.000002F53A994000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F36F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://spocs.getpocket.com/firefox.exe, 0000000E.00000002.1511162982.0000023F54430000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52B77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E7E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE14000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://smartblock.firefox.etp/facebook.svgFileUtils_openAtomicFileOutputStreamfirefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://screenshots.firefox.com/lib/about_compat_broker.jsfirefox.exe, 0000001E.00000002.1600554072.000002F53AFD8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1403293firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E783000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          http://www.ethiopic.org/Collation/OrderedLists.html.firefox.exe, 0000001E.00000002.1611314859.000002F53DEAD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://merino.services.mozilla.com/api/v1/suggestaboutfirefox.exe, 00000021.00000002.1594024498.0000021915A72000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://outlook.live.com/default.aspx?rru=compose&to=%schrome://browser/content/schemas/devtools_insfirefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://www.inbox.lv/rfc2368/?value=%sufirefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://profiler.firefox.comTY8Hfirefox.exe, 0000001E.00000002.1610417263.000002F53DB97000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://monitor.firefox.com/user/dashboardfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://monitor.firefox.com/aboutfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://mozilla.org/MPL/2.0/.firefox.exe, 0000000E.00000002.1511544970.0000023F54585000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1512082521.0000023F54707000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1511162982.0000023F54476000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A45000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492364584.0000023F54767000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1509736100.0000023F51FF0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1508013289.0000023F51A56000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1512082521.0000023F54704000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1591513110.000002F53F71A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621653520.000002F53F71A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1615772244.000002F53EB55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611953465.000002F53DF9A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E737000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621136879.000002F53F67B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E710000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F3A8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000003.1566021403.000002F53E783000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1621290510.000002F53F6F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1620718756.000002F53F555000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1617416443.000002F53EEA0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://mail.google.com/mail/?extsrc=mailto&url=%ssetSlowScriptDebugHandler/debugService.remoteActivfirefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://monitor.firefox.comSfirefox.exe, 0000001E.00000002.1597895292.000002F53A752000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                              https://www.openh264.org/firefox.exe, 0000000E.00000002.1504309306.0000023F503B3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1602424878.000002F53B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://coverage.mozilla.orgfirefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestStofirefox.exe, 0000001E.00000002.1610237425.000002F53CA40000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://github.com/firefox.exe, 0000000E.00000002.1507904256.0000023F51903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000002E.00000003.1848934290.000001E0AA02C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://blocked.cdn.mozilla.net/firefox.exe, 0000000E.00000002.1509956128.0000023F52290000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000010.00000002.1494872708.0000014112270000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 0000001E.00000002.1608448132.000002F53BE80000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000E.00000003.1480515644.0000023F50B12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1505826040.0000023F50B10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1619220755.000002F53F455000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1618667138.000002F53F33B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://profiler.firefox.comfirefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.1593847131.00000219157C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000E.00000002.1510987213.0000023F5431D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1506479057.0000023F50C7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1510399946.0000023F52BA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.1492588710.0000023F54333000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1600554072.000002F53AF77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1610812349.000002F53DC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1611314859.000002F53DE50000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://svgwg.org/svg2-draft/struct.html#SymbolNotes:firefox.exe, 0000001E.00000003.1566051256.000002F53E774000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001E.00000002.1614414380.000002F53E773000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002E.00000003.1656816376.000001E0A2072000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                                                                                  		unknown

                                                                                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                                                                  Public IPs

                                                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                  2.22.61.56
                                                                                                                                                                                                                                                  		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                  34.149.100.209
                                                                                                                                                                                                                                                  		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  151.101.129.91
                                                                                                                                                                                                                                                  		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                  		54113FASTLYUSfalse
                                                                                                                                                                                                                                                  34.107.243.93
                                                                                                                                                                                                                                                  		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.107.221.82
                                                                                                                                                                                                                                                  		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  52.35.181.117
                                                                                                                                                                                                                                                  		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                  142.250.181.238
                                                                                                                                                                                                                                                  		youtube.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  35.244.181.201
                                                                                                                                                                                                                                                  		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.49.51.44
                                                                                                                                                                                                                                                  		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  34.117.188.166
                                                                                                                                                                                                                                                  		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                  35.190.72.216
                                                                                                                                                                                                                                                  		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                  34.160.144.191
                                                                                                                                                                                                                                                  		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                  		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                  34.120.208.123
                                                                                                                                                                                                                                                  		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                  		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                  Private

                                                                                                                                                                                                                                                  IP
                                                                                                                                                                                                                                                  127.0.0.1

                                                                                                                                                                                                                                                  General Information

                                                                                                                                                                                                                                                  Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                  Analysis ID:1609456
                                                                                                                                                                                                                                                  Start date and time:2025-02-07 17:51:34 +01:00
                                                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                  Overall analysis duration:0h 8m 14s
                                                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                  Number of analysed new started processes analysed:52
                                                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                                                  Sample name:random.exe
                                                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                                                  Classification:mal84.troj.evad.winEXE@74/13@76/14
                                                                                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 12.5%
                                                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                                                  • Successful, ratio: 94%
                                                                                                                                                                                                                                                  • Number of executed functions: 50
                                                                                                                                                                                                                                                  • Number of non-executed functions: 299
                                                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                                                  • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                  Warnings

                                                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 142.250.74.202, 142.250.184.202, 172.217.16.206, 142.250.185.206, 13.107.246.45, 4.175.87.197, 184.28.90.27, 23.206.229.209, 13.85.23.206, 4.245.163.56
                                                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, ciscobinary.openh264.org, slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, incoming.telemetry.mozilla.org, aus5.mozilla.org, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, redirector.gvt1.com, azureedge-t-prod.trafficmanager.net, safebrowsing.googleapis.com, location.services.mozilla.com
                                                                                                                                                                                                                                                  • Execution Graph export aborted for target firefox.exe, PID 2052 because it is empty
                                                                                                                                                                                                                                                  • Execution Graph export aborted for target firefox.exe, PID 5448 because there are no executed function
                                                                                                                                                                                                                                                  • Execution Graph export aborted for target firefox.exe, PID 8084 because it is empty
                                                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                  • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                                                                  TimeTypeDescription
                                                                                                                                                                                                                                                  11:53:06API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                                                                  IPs

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  34.49.51.444114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                    https://vqr.vc/mTUa6EndJGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      2.22.61.56https://vqr.vc/mTUa6EndJGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        2024_APY839284784.svgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          MDE_File_Sample_c96cae8039920b2165d2fcc46a2004b884869760.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            setup.exeGet hashmaliciousAmadey, Babadeda, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                              34.149.100.209c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                http://93.123.109.120/efefa7Get hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                  151.101.129.914114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    http://coinbasewalletus.wixsite.com/coiinbasewaletsignupGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      http://facebooksafety23.wixsite.com/verifyGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        http://metamaskvip.wixsite.com/airdropsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          http://mww1761.wixsite.com/my-site-1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            http://c5phlyerr.wixsite.com/my-siteGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              http://coinbasecomlogiin.wixsite.com/coinbasecomloginGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                http://krienkekiim.wixsite.com/my-site-2Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                  http://flowto.it/eVqmHdTP1QGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      52.35.181.117c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, LummaC Stealer, Stealc, VidarBrowse

                                                                                                                                                                                                                                                                                                                        Domains

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        twitter.comHEnpMb8iZs.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 104.244.42.1
                                                                                                                                                                                                                                                                                                                        c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, Healer AV Disabler, KeyLogger, LummaC Stealer, Stealc, StormKittyBrowse
                                                                                                                                                                                                                                                                                                                        • 104.244.42.1
                                                                                                                                                                                                                                                                                                                        example.orgHEnpMb8iZs.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                                                        c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, Healer AV Disabler, KeyLogger, LummaC Stealer, Stealc, StormKittyBrowse
                                                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                                                        4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                                                        fimA8mhs11.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 96.7.128.192
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                                                        0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 23.215.0.133
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 23.215.0.132
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 96.7.128.186
                                                                                                                                                                                                                                                                                                                        star-mini.c10r.facebook.comhttps://saber-mercurial-tang.glitch.me/ONENOTE.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                                                        https://www.flugger.pl/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                                                        https://wp-cdn.top/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.253.35
                                                                                                                                                                                                                                                                                                                        FiddlerSetup.5.0.20251.1171-latest.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.251.35
                                                                                                                                                                                                                                                                                                                        https://www.meintercept.com/5MX46D/XQW2DT/?uid=14026&sub1=gretchen_rubin&sub2=newsletter&sub3=01_31_2025Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                                                        HEnpMb8iZs.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                                                        c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, Healer AV Disabler, KeyLogger, LummaC Stealer, Stealc, StormKittyBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.251.35
                                                                                                                                                                                                                                                                                                                        http://ec21-com.live.strattic.io/ec21.com/login.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.252.35
                                                                                                                                                                                                                                                                                                                        http://remove-restriction.github.io/input-passGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35
                                                                                                                                                                                                                                                                                                                        http://bigpondmaillupda.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                        • 157.240.0.35

                                                                                                                                                                                                                                                                                                                        ASNs

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        AMAZON-02USrandom.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                        • 18.244.18.32
                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                        • 54.171.230.55
                                                                                                                                                                                                                                                                                                                        3MnerqRZQh.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                        Bd6xt2HKGz.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                        99UbUXnwA9.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 76.223.67.189
                                                                                                                                                                                                                                                                                                                        mnojiyyWfG.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                        xBA5hw2TjG.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                        8BU0MOmoNl.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                        https://s3.us-east-2.amazonaws.com/projectus-westawsbucket.s3.us/index.html#mmcartero@sanitas.esGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 52.219.96.178
                                                                                                                                                                                                                                                                                                                        AKAMAI-ASN1EUrandom.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                        • 104.126.116.11
                                                                                                                                                                                                                                                                                                                        SecuriteInfo.com.Trojan.Siggen20.61251.8349.26717.exeGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                                                                                                                                                                                                        • 2.22.242.226
                                                                                                                                                                                                                                                                                                                        http://%5B%22https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Femail.bcbssettlement.com%2Fc%2FeJxkzL1OwzAQAOCnscfIPv9m8IAgERVqQRTm6OxcVaPERcnB87Owdf_0zclG8M5JSjqY2Gvd91FekzYqO3LxgkXb4rxykA1hCME4F0KRNYECp0AFFZQ3sQNvvLUzImU7a62FVbnkfSfmhVZq3JXbKpd0Zf7ehXkQMAoYdyo_G3X3UsA4E9O21oZcb01u6YuwUaOON7zUgo1JWIVLrv83p_Pzy_T2PhwPn8fp9PpxeBym83B6kr8J_gIAAP__kjFIFA&data=05%7C02%7Cjeanene.traficante%40albint.com%7C1fdf299aa52a4a651cc208dd4745f85b%7Cff3d33ae31364152812675e51f4a1404%7C0%7C0%7C638745088046675413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fGCIRyUUbeFPm7FcRl%2FZ7oH%2FXi3jt5H1pOFROm4%2BJoY%3D&reserved=0%22,%20%222f9fb485af706049f5d23654ae36fb8f%22%5DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 95.101.149.35
                                                                                                                                                                                                                                                                                                                        https://saber-mercurial-tang.glitch.me/ONENOTE.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                        • 95.101.149.160
                                                                                                                                                                                                                                                                                                                        https://www.flugger.pl/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 2.22.50.205
                                                                                                                                                                                                                                                                                                                        Ohio.mp4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 95.101.148.7
                                                                                                                                                                                                                                                                                                                        Ohio.mp4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 95.101.148.7
                                                                                                                                                                                                                                                                                                                        http://upholldlogin.godaddysites.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 2.19.96.250
                                                                                                                                                                                                                                                                                                                        https://stemcommunuity.com/87b9a9ed76bcb7367b5aa0f03eceebbd/c3RlbWNvbW1tdW51dGx5LmNvbQ==/aHR0cDovL3N0ZW1jb21tdW51aXR5LmNvbS9nbGZ0Lzc2MTI2MzEyMzUxMjM0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 95.101.149.47
                                                                                                                                                                                                                                                                                                                        FASTLYUSFAX-399484-339.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.65.229
                                                                                                                                                                                                                                                                                                                        https://s3.us-east-2.amazonaws.com/projectus-westawsbucket.s3.us/index.html#mmcartero@sanitas.esGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.194.137
                                                                                                                                                                                                                                                                                                                        http://ollama.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 185.199.111.133
                                                                                                                                                                                                                                                                                                                        https://blw.esminjuntat.ru/g9y8/#contactGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.194.137
                                                                                                                                                                                                                                                                                                                        kjjA3Ebw2c.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 185.199.109.133
                                                                                                                                                                                                                                                                                                                        kjjA3Ebw2c.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 185.199.108.133
                                                                                                                                                                                                                                                                                                                        http://%5B%22https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Femail.bcbssettlement.com%2Fc%2FeJxkzL1OwzAQAOCnscfIPv9m8IAgERVqQRTm6OxcVaPERcnB87Owdf_0zclG8M5JSjqY2Gvd91FekzYqO3LxgkXb4rxykA1hCME4F0KRNYECp0AFFZQ3sQNvvLUzImU7a62FVbnkfSfmhVZq3JXbKpd0Zf7ehXkQMAoYdyo_G3X3UsA4E9O21oZcb01u6YuwUaOON7zUgo1JWIVLrv83p_Pzy_T2PhwPn8fp9PpxeBym83B6kr8J_gIAAP__kjFIFA&data=05%7C02%7Cjeanene.traficante%40albint.com%7C1fdf299aa52a4a651cc208dd4745f85b%7Cff3d33ae31364152812675e51f4a1404%7C0%7C0%7C638745088046675413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fGCIRyUUbeFPm7FcRl%2FZ7oH%2FXi3jt5H1pOFROm4%2BJoY%3D&reserved=0%22,%20%222f9fb485af706049f5d23654ae36fb8f%22%5DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.1.195
                                                                                                                                                                                                                                                                                                                        Policies_Handbook_2025_Revised.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.194.137
                                                                                                                                                                                                                                                                                                                        https://github.com/neverman350/Roblox-Synapse/releases/download/Download/installer.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 185.199.108.133
                                                                                                                                                                                                                                                                                                                        https://paintingopsllc.com/.res444.php?4-68747470733a2f2f304c4f2e696361626c657965722e72752f6b57414a2f-/#macumberbatch@cidel.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 151.101.194.137
                                                                                                                                                                                                                                                                                                                        ATGS-MMD-ASUS8BU0MOmoNl.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 57.129.59.27
                                                                                                                                                                                                                                                                                                                        jWkZpyQSo3.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                        • 34.149.87.45
                                                                                                                                                                                                                                                                                                                        http://ollama.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.36.133.15
                                                                                                                                                                                                                                                                                                                        http://%5B%22https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Femail.bcbssettlement.com%2Fc%2FeJxkzL1OwzAQAOCnscfIPv9m8IAgERVqQRTm6OxcVaPERcnB87Owdf_0zclG8M5JSjqY2Gvd91FekzYqO3LxgkXb4rxykA1hCME4F0KRNYECp0AFFZQ3sQNvvLUzImU7a62FVbnkfSfmhVZq3JXbKpd0Zf7ehXkQMAoYdyo_G3X3UsA4E9O21oZcb01u6YuwUaOON7zUgo1JWIVLrv83p_Pzy_T2PhwPn8fp9PpxeBym83B6kr8J_gIAAP__kjFIFA&data=05%7C02%7Cjeanene.traficante%40albint.com%7C1fdf299aa52a4a651cc208dd4745f85b%7Cff3d33ae31364152812675e51f4a1404%7C0%7C0%7C638745088046675413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fGCIRyUUbeFPm7FcRl%2FZ7oH%2FXi3jt5H1pOFROm4%2BJoY%3D&reserved=0%22,%20%222f9fb485af706049f5d23654ae36fb8f%22%5DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.1.1.166
                                                                                                                                                                                                                                                                                                                        zHH1eSjWTK.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 57.128.101.74
                                                                                                                                                                                                                                                                                                                        zHH1eSjWTK.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 57.128.64.30
                                                                                                                                                                                                                                                                                                                        http://drawi.ioGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.8.249.45
                                                                                                                                                                                                                                                                                                                        http://aktivasiipaylatter4.fiile-resmii.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.36.71.3
                                                                                                                                                                                                                                                                                                                        https://businessfacebook.tempisite.com/ne90Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.149.134.77
                                                                                                                                                                                                                                                                                                                        https://www.meintercept.com/5MX46D/XQW2DT/?uid=14026&sub1=gretchen_rubin&sub2=newsletter&sub3=01_31_2025Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 34.160.105.74

                                                                                                                                                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        ReRequest for Price and delivery time.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123
                                                                                                                                                                                                                                                                                                                        ShfT0a6CFx.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 35.244.181.201
                                                                                                                                                                                                                                                                                                                        • 34.149.100.209
                                                                                                                                                                                                                                                                                                                        • 34.160.144.191
                                                                                                                                                                                                                                                                                                                        • 151.101.129.91
                                                                                                                                                                                                                                                                                                                        • 34.120.208.123

                                                                                                                                                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                                                                                                                                                        No context

                                                                                                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\compatibility.ini

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:Windows WIN.INI
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):200
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.391255133360986
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:tZAQUsjcmktYWwktUp/UNE2aT/P4WX1rDZjrEFwHQ3ZjrEFwslyy:JWtYWXtUp8babN1rDVEFycVEFL
                                                                                                                                                                                                                                                                                                                        MD5:3FB561547A46AF02D6B00F86DC370634
                                                                                                                                                                                                                                                                                                                        SHA1:914867E4C763611B441835A3FC0082359FBF7277
                                                                                                                                                                                                                                                                                                                        SHA-256:5393F0E8D90EE6A26EAC13B81B83EDC0637487B3E427175021D7EC4CDE8E34A7
                                                                                                                                                                                                                                                                                                                        SHA-512:0E05486A6B6AD65D3A95FCFE46BE6687DD47E311374F11DE89F9CFB8C301951D6BFE43FA24851A3E759B6F8AF69A5F593568FB61F576AB52941F6B2B6EE54BC8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[Compatibility]..LastVersion=118.0.1_20230927232528/20230927232528..LastOSABI=WINNT_x86_64-msvc..LastPlatformDir=C:\Program Files\Mozilla Firefox..LastAppDir=C:\Program Files\Mozilla Firefox\browser..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):262144
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                        MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                        SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                        SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                        SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):98304
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.07328047618577577
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zkiIr:DLhesh7Owd4+jiI
                                                                                                                                                                                                                                                                                                                        MD5:1E4A8BD9C1B6A2E78C4A0891558E25F4
                                                                                                                                                                                                                                                                                                                        SHA1:57F8760D3E50D585B9F57637B6450E530C18EF6E
                                                                                                                                                                                                                                                                                                                        SHA-256:87D4C41C84EB0E4C7CCFDECC558A82CCEF9889884918EDE52B361EDD86D3DA7A
                                                                                                                                                                                                                                                                                                                        SHA-512:79E34A627523E252607C05728EA70709E689C4BC8140A676C3E1330F08DCB3F0369703B3211F2D6AA0F21B13ADCA5EEE726B0ACA611BB7A2180D59D251C1945B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.035822017202226504
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:GtlstFCl4e6gAlstFCl4e6gXJ89//alEl:GtWtAkWtA989XuM
                                                                                                                                                                                                                                                                                                                        MD5:ED97E2A4678EC3BE3FB105130FEFD1DA
                                                                                                                                                                                                                                                                                                                        SHA1:0F119146C844BB9065AE321FFDD987254172890A
                                                                                                                                                                                                                                                                                                                        SHA-256:CD259C27DE1FC96DB9386468C2EC6FD91CAE4EBB08CE8A86233F6D8CA6654C15
                                                                                                                                                                                                                                                                                                                        SHA-512:96B9CF68BB7F86349D54C147E80ACFA5667F1F052BA539A9BF4F1E1309E940623B69CE0BF7797CCFF252C40ECCD14B0891DB98A16E5845D4DDCC6C6ED31F7E4B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..-........................*S.L{:q6..<.;....@.8..-........................*S.L{:q6..<.;....@.8........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):32824
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.03998118428817617
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Ol16bJ95IlollffUH6T2tiwl8rEXsxdwhml8XW3R2:K0GolNUHwql8dMhm93w
                                                                                                                                                                                                                                                                                                                        MD5:D9AD3BC2C47001FD9567577AC7474C99
                                                                                                                                                                                                                                                                                                                        SHA1:923C88C566471F3DDA19A09D1647C45A604537FA
                                                                                                                                                                                                                                                                                                                        SHA-256:BBFB291B6473627E4E08A8C84081DA489A916CE66626DEE0FA74B9189810048F
                                                                                                                                                                                                                                                                                                                        SHA-512:400FB07621CAD016A340CC16389570F269CCBCD58153114419E5C22683FFF21ABF49DBC7578BCBACE9730144DCACF47FB597FFE8D9F5561E4CC405D1289158A1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:7....-..........:q6..<.;..tM.3..........:q6..<.;*..{L.S................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1765), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):9820
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.51077758286386
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:efniR4pYbBp6Sp0pUhUxaXd6Y4nysZM2dlbBNBw8uOSl:0ejGpCUvY4ysndtpw20
                                                                                                                                                                                                                                                                                                                        MD5:EEDDF15E1C68582AEFC4014FC74A2F3A
                                                                                                                                                                                                                                                                                                                        SHA1:DCCC325859ADF9459710A93FADD213AB4E2DD9D0
                                                                                                                                                                                                                                                                                                                        SHA-256:8B0A7091D50CC4311557F9D592320FA5D2ECE107BF9C55C34DC63ABF6CF1A2C8
                                                                                                                                                                                                                                                                                                                        SHA-512:90ED90304C5856FE1250C9E4262A7CADA961782E532D41919DD5CBC7D178FAB6078E20976F0818EAA1DB722BA5037BECF0CA9B3C88BEADD811D635F3366ED9C0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "d3d72102-142d-47cc-a7b7-5b20541f2540");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696496527);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696496528);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1765), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9820
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.51077758286386
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:efniR4pYbBp6Sp0pUhUxaXd6Y4nysZM2dlbBNBw8uOSl:0ejGpCUvY4ysndtpw20
                                                                                                                                                                                                                                                                                                                        MD5:EEDDF15E1C68582AEFC4014FC74A2F3A
                                                                                                                                                                                                                                                                                                                        SHA1:DCCC325859ADF9459710A93FADD213AB4E2DD9D0
                                                                                                                                                                                                                                                                                                                        SHA-256:8B0A7091D50CC4311557F9D592320FA5D2ECE107BF9C55C34DC63ABF6CF1A2C8
                                                                                                                                                                                                                                                                                                                        SHA-512:90ED90304C5856FE1250C9E4262A7CADA961782E532D41919DD5CBC7D178FAB6078E20976F0818EAA1DB722BA5037BECF0CA9B3C88BEADD811D635F3366ED9C0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "d3d72102-142d-47cc-a7b7-5b20541f2540");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696496527);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696496528);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):65536
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                        MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                        SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                        SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                        SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):53
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.136624295551173
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AY:Y9KQOy6Lb1BA+9
                                                                                                                                                                                                                                                                                                                        MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
                                                                                                                                                                                                                                                                                                                        SHA1:B43BC4B3EA206A02EF8F63D5BFAD0C96BF2A3B2A
                                                                                                                                                                                                                                                                                                                        SHA-256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
                                                                                                                                                                                                                                                                                                                        SHA-512:076EE83534F42563046D25086166F82E1A3EC61840C113AEC67ABE2D8195DAA247D827D0C54E7E8F8A1BBF2D082A3763577587E84342EC160FF97905243E6D19
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):53
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.136624295551173
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AY:Y9KQOy6Lb1BA+9
                                                                                                                                                                                                                                                                                                                        MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
                                                                                                                                                                                                                                                                                                                        SHA1:B43BC4B3EA206A02EF8F63D5BFAD0C96BF2A3B2A
                                                                                                                                                                                                                                                                                                                        SHA-256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
                                                                                                                                                                                                                                                                                                                        SHA-512:076EE83534F42563046D25086166F82E1A3EC61840C113AEC67ABE2D8195DAA247D827D0C54E7E8F8A1BBF2D082A3763577587E84342EC160FF97905243E6D19
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 8, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):4096
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                        MD5:BB6AF1BFE7DFA2D3D28DCA9C1D5C209F
                                                                                                                                                                                                                                                                                                                        SHA1:D216BA7AF17521E30A8FFA1E5804827E6995F8D3
                                                                                                                                                                                                                                                                                                                        SHA-256:4154A056F32C1395703E6842800E3987C035290F0B5EFAE666DC2DA978391563
                                                                                                                                                                                                                                                                                                                        SHA-512:DC6946DE516315407B216C3C3945D820C3D2CA70C6ADE66BC96439CD304E7AF08FB5DBF17F1DD21E299FB3348E1C5F92FD64892FBF13C8FC002A10FEB6AD107B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shm

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.696364612959292
                                                                                                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                                                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                        File name:random.exe
                                                                                                                                                                                                                                                                                                                        File size:967'168 bytes
                                                                                                                                                                                                                                                                                                                        MD5:d1bf8e67a6a73aded20586aab5f29510
                                                                                                                                                                                                                                                                                                                        SHA1:a83f4fa3510333fe0223fa49df40275f6bcffb88
                                                                                                                                                                                                                                                                                                                        SHA256:f8537e5844cce90e065d476053c9d8dcd8a8369102975ae3cdfd74d4644bb105
                                                                                                                                                                                                                                                                                                                        SHA512:e9be75c0e58e9bd634d55188e3d19b6bb8d0b8202b703c06a3570165710202ae3762abb564c042dfb038726851446e83876338550af851213aad02570d202f23
                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:wqDEvCTbMWu7rQYlBQcBiT6rprG8avrV:wTvC/MTQYxsWR7av
                                                                                                                                                                                                                                                                                                                        TLSH:89259E0273D1C062FF9B92334B5AF6515BBC69260123E61F13A81D7ABE701B1563E7A3
                                                                                                                                                                                                                                                                                                                        File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                                                                                                        Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                        Static PE Info

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                        Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                        Digitally signed:false
                                                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                        Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                        DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                        Time Stamp:0x67A61F3B [Fri Feb 7 14:56:59 2025 UTC]
                                                                                                                                                                                                                                                                                                                        TLS Callbacks:
                                                                                                                                                                                                                                                                                                                        CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                        OS Version Major:5
                                                                                                                                                                                                                                                                                                                        OS Version Minor:1
                                                                                                                                                                                                                                                                                                                        File Version Major:5
                                                                                                                                                                                                                                                                                                                        File Version Minor:1
                                                                                                                                                                                                                                                                                                                        Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                        Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                        Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                        Entrypoint Preview

                                                                                                                                                                                                                                                                                                                        Instruction
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E0D73h
                                                                                                                                                                                                                                                                                                                        jmp 00007F3BF54E067Fh
                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                        push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E085Dh
                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                        mov eax, ecx
                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                        push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E082Ah
                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                        mov eax, ecx
                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                        and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                        and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                        mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                        add eax, 04h
                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E341Dh
                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E3468h
                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                        call 00007F3BF54E3451h
                                                                                                                                                                                                                                                                                                                        test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                        pop ecx

                                                                                                                                                                                                                                                                                                                        Rich Headers

                                                                                                                                                                                                                                                                                                                        Programming Language:
                                                                                                                                                                                                                                                                                                                        • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                        • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                        Data Directories

                                                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x156f8.rsrc
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                        Sections

                                                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                        .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                        .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                        .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                        .rsrc0xd40000x156f80x1580060dffe737dceab957b2a72858ed0642bFalse0.6909861010174418data7.129304708060821IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                        .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                        Resources

                                                                                                                                                                                                                                                                                                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                        RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                        RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                        RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                        RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                        RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                        RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                        RT_RCDATA0xdc8fc0xc87adata1.000506605354429
                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe91780x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe91f00x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe92040x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe92180x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                        RT_VERSION0xe922c0xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                        RT_MANIFEST0xe93080x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                        Imports

                                                                                                                                                                                                                                                                                                                        DLLImport
                                                                                                                                                                                                                                                                                                                        WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                        VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                        WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                        COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                        MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                        WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                        PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                        IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                        USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                        UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                        KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                        USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                        GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                        COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                        ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                        SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                        ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                        OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                        Version Infos

                                                                                                                                                                                                                                                                                                                        DescriptionData
                                                                                                                                                                                                                                                                                                                        Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                        Possible Origin

                                                                                                                                                                                                                                                                                                                        Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                        EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.771696091 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.771745920 CET4434993435.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.771840096 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.813585043 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.813612938 CET4434993435.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.275073051 CET4434993435.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.278594017 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.320558071 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.457787037 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.457803011 CET4434993435.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.457937956 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.458136082 CET4434993435.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:00.459454060 CET49934443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.064868927 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.064915895 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.066312075 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.068073034 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.068089008 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.271130085 CET5304553192.168.2.9162.159.36.2
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.276007891 CET5353045162.159.36.2192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.276123047 CET5304553192.168.2.9162.159.36.2
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.280942917 CET5353045162.159.36.2192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.512789965 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.512820005 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.516015053 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.517580032 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.517592907 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.523931026 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.528865099 CET805304834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.528964996 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.529114008 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.533843994 CET805304834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.724899054 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.725032091 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.725639105 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.728838921 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.732656002 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.732676983 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.732774973 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.732918978 CET44349941142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.733026028 CET49941443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.755413055 CET5304553192.168.2.9162.159.36.2
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.760464907 CET5353045162.159.36.2192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.760550976 CET5304553192.168.2.9162.159.36.2
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.905159950 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.905208111 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.906555891 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.906853914 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.906871080 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.907607079 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.907618046 CET4435305034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.908503056 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.909972906 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.909986973 CET4435305034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.939928055 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.939975023 CET4435305534.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.941457987 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.942949057 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.942961931 CET4435305534.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.977083921 CET805304834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.017407894 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.052433968 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.058883905 CET805305634.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.059324026 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.059488058 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.065839052 CET805305634.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.154793024 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.154870033 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.155694962 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.155878067 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159403086 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159414053 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159528971 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159610987 CET44353047142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159943104 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159961939 CET53047443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.159987926 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.160059929 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.164001942 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.164021015 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.376499891 CET4435305034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.376574039 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.381639957 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.381653070 CET4435305034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.381748915 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.381906986 CET4435305034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.381951094 CET53050443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.382153988 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.382198095 CET4435305934.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.382266045 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.383642912 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.383656025 CET4435305934.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.385102034 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.385168076 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.388088942 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.388096094 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.388514042 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.390466928 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.390547991 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.390660048 CET4435304935.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.390707970 CET53049443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.428149939 CET4435305534.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.432585955 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442006111 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442029953 CET4435305534.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442137957 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442234039 CET4435305534.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442517042 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442552090 CET53055443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442579031 CET4435306034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.442646980 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.443963051 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.443977118 CET4435306034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.503629923 CET805305634.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.550131083 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.792555094 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.793257952 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.798587084 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.798604965 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.859217882 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.872245073 CET4435305934.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.879406929 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.906430006 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.906446934 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.906542063 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.906758070 CET44353057142.250.181.238192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.908807039 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.908832073 CET4435305934.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.908862114 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.909123898 CET4435305934.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.919672012 CET53059443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.919696093 CET53057443192.168.2.9142.250.181.238
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.928639889 CET4435306034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.928822994 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.942086935 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.942106962 CET4435306034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.942157030 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.942267895 CET4435306034.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.942377090 CET53060443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.068394899 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.068463087 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.073641062 CET805305634.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.073659897 CET805304834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.074050903 CET5305680192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.074059963 CET5304880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.089582920 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.089637041 CET4435306634.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.093657017 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.095268965 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.095283985 CET4435306634.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.108624935 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.108665943 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.108727932 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.108850956 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.108865023 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.134375095 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.137212992 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.137271881 CET4435306952.35.181.117192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.137389898 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.138962030 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.138977051 CET4435306952.35.181.117192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.139224052 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.139656067 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.139781952 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.144512892 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.675169945 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.677789927 CET4435306634.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.677896976 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.678905010 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.679167986 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.683434010 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.683454990 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.683696985 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687046051 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687063932 CET4435306634.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687158108 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687304974 CET4435306634.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687310934 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687400103 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687479019 CET4435306734.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687676907 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687711000 CET4435307334.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687854052 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687881947 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687897921 CET53066443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687905073 CET53067443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.687969923 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.688007116 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.689408064 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.689420938 CET4435307334.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.689558983 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.689575911 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.725765944 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.803370953 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.808250904 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.808331966 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.808480978 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.813286066 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.972789049 CET4435306952.35.181.117192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.973447084 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.978265047 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.978276968 CET4435306952.35.181.117192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.978343964 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.978461027 CET4435306952.35.181.117192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.978517056 CET53069443192.168.2.952.35.181.117
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.153048038 CET4435307334.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.153135061 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.156718016 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.156725883 CET4435307334.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.156815052 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.156887054 CET4435307334.117.188.166192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.157263041 CET53073443192.168.2.934.117.188.166
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.165163994 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.167155981 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.170300007 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.170314074 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.170586109 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.172583103 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.172642946 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.172771931 CET4435307434.160.144.191192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.172776937 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.173038960 CET53074443192.168.2.934.160.144.191
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.256268978 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.299652100 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.155024052 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.159902096 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.249098063 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.308384895 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.868519068 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.873351097 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.963809967 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:08.012289047 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:12.785875082 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:12.785929918 CET4435311234.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:12.788131952 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:12.789611101 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:12.789628983 CET4435311234.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.286303043 CET4435311234.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.291249990 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.295675039 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.295692921 CET4435311234.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.295758009 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.295887947 CET4435311234.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:13.296159029 CET53112443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.259924889 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.264844894 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.353992939 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.404158115 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.513035059 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.513083935 CET4435311434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.513145924 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.514502048 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.514518976 CET4435311434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.625449896 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.630376101 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.720453978 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.774112940 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.019293070 CET4435311434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.019397020 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.029619932 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.029664040 CET4435311434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.029717922 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.029908895 CET4435311434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.029963017 CET53114443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.487735033 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.492566109 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.493797064 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.493844986 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.500209093 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.500777960 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.500809908 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.502497911 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.502521038 CET4435311634.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.502958059 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.504343033 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.504365921 CET4435311634.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.584125042 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.645590067 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.975750923 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.975835085 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.978810072 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.978826046 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.979753017 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.980312109 CET4435311634.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.980571985 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.983786106 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.983855009 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.984006882 CET4435311535.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.984095097 CET53115443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.985246897 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.985260010 CET4435311634.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.985337019 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.985416889 CET4435311634.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.985464096 CET53116443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.029470921 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.029522896 CET4435311734.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.030909061 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.032376051 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.032393932 CET4435311734.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.171665907 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.176217079 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.176604986 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.181083918 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.187330008 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.187356949 CET4435311834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.187719107 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.189116001 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.189127922 CET4435311834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.266622066 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.271147013 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.314348936 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.314384937 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.502090931 CET4435311734.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.502217054 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.510564089 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.510601044 CET4435311734.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.510690928 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.510797024 CET4435311734.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.511137962 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.511183023 CET4435311934.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.511198997 CET53117443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.511548996 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.513019085 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.513039112 CET4435311934.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.643408060 CET4435311834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.643493891 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.648165941 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.648180962 CET4435311834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.648273945 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.648407936 CET4435311834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.648463964 CET53118443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.975836039 CET4435311934.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.975919008 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.980878115 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.980907917 CET4435311934.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.980978012 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.981091022 CET4435311934.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.981147051 CET53119443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.512456894 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.516511917 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.517375946 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.521332026 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.529179096 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.529232979 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530345917 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530385971 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530700922 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530858040 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530858994 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530877113 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530952930 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.530958891 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.628204107 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.628899097 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.671722889 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.671726942 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.720827103 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.720880985 CET4435312234.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.722312927 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.723841906 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.723858118 CET4435312234.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.745121956 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.749973059 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.840405941 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.887923956 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.988802910 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.988892078 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.991657019 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.991677999 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.991919041 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.995958090 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.996083975 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.996133089 CET4435312134.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.996213913 CET53121443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.997668982 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.997791052 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.000555038 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.000581980 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.000849962 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.003658056 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.003817081 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.003827095 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.003843069 CET4435312034.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.003989935 CET53120443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.106579065 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.111459970 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.188889027 CET4435312234.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.192631006 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.196347952 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.196374893 CET4435312234.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.196463108 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.196626902 CET4435312234.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.199069023 CET53122443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.200551033 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.203866005 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.203911066 CET4435312334.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.204476118 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.206350088 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.206377029 CET4435312334.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.208302975 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.213076115 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.251394987 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.308751106 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.364208937 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.678234100 CET4435312334.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.678313971 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.682796001 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.682810068 CET4435312334.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.682957888 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.682974100 CET4435312334.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.684381008 CET53123443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.685794115 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.688162088 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.688200951 CET4435312434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.688361883 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.689760923 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.689776897 CET4435312434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.690608978 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.780769110 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.784059048 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.788997889 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.827882051 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.879776955 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.928200960 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.153913021 CET4435312434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.154016972 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.157553911 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.157567978 CET4435312434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.157672882 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.157731056 CET4435312434.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.158983946 CET53124443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.160340071 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.165126085 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.254702091 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.257930040 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.262779951 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.298167944 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.321719885 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.321763992 CET4435312534.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.322113991 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.323630095 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.323652983 CET4435312534.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.353405952 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.398417950 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.787753105 CET4435312534.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.787843943 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.792666912 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.792676926 CET4435312534.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.792773008 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.792860985 CET4435312534.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.793005943 CET53125443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.795392990 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.800214052 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.889863014 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.894301891 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.899115086 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.931148052 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.989847898 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:20.031455040 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.099092007 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.099143028 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.102523088 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.102670908 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.102684975 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.129570961 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.129618883 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.130129099 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.130286932 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.130302906 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.132361889 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.132375956 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.134350061 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.134403944 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.134412050 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.146745920 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.146776915 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.147540092 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.148962021 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.148981094 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.157785892 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.157816887 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.159879923 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.161482096 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.161498070 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.556209087 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.556317091 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.559767962 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.559791088 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.560046911 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.561919928 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.562021017 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.562088013 CET4435312635.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.564332962 CET53126443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.566503048 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.571330070 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.591490984 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.593142986 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.596731901 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.596746922 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.597166061 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.599294901 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.599404097 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.599483013 CET44353127151.101.129.91192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.605921030 CET53127443192.168.2.9151.101.129.91
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.611478090 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.612097025 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.612145901 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.615370989 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.615416050 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.618026018 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.618068933 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.621608973 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.621670008 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.621680021 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.621956110 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.622008085 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.624123096 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.627337933 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.635345936 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.637204885 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.637206078 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.640331984 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.640360117 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.640587091 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.643765926 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.643789053 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.643913984 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.643925905 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.644011021 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.644023895 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.647413969 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.647579908 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.647692919 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.647706032 CET4435312834.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.648205042 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.648227930 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.648274899 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.648530006 CET4435313034.49.51.44192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.649941921 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.649954081 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.650042057 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.650201082 CET4435312935.190.72.216192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.650409937 CET53130443192.168.2.934.49.51.44
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.650417089 CET53129443192.168.2.935.190.72.216
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.650441885 CET53128443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.661065102 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.671822071 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.671859980 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.672602892 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.672753096 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.672770023 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.674611092 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.679461002 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.721836090 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.769635916 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.822112083 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.099117994 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.099206924 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.101893902 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.102216959 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.102235079 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.102449894 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.102519989 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.104696989 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.104707003 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108182907 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108278036 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108374119 CET4435313235.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108530998 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108536959 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108576059 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.108728886 CET53132443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.111701965 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.111954927 CET4435313335.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.113718987 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.114583015 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.114600897 CET53133443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.116744995 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.116760969 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.116822958 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.118475914 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.119596004 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.119616032 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.119890928 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.122493982 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.122575045 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.122679949 CET4435313135.244.181.201192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.122734070 CET53131443192.168.2.935.244.181.201
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.137675047 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.142432928 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.142540932 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.142657042 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.147372961 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.153321981 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.153397083 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.156795025 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.156806946 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.157040119 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.159842968 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.159924030 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.160000086 CET4435313434.149.100.209192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.161345005 CET53134443192.168.2.934.149.100.209
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.208962917 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.212973118 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.217711926 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.254540920 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.308990002 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.354803085 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799436092 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799455881 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799468994 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799485922 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799541950 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799566984 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801404953 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801418066 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801429987 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801460981 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804492950 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804511070 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804548025 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804603100 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804608107 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804608107 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807329893 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807367086 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807410002 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807440042 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807451963 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.807532072 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.810571909 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.810595036 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.810606956 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.810638905 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.810681105 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890034914 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890225887 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890239000 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890250921 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890283108 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890374899 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890408039 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.890553951 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892077923 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892087936 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892106056 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892126083 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892138004 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892138958 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.892227888 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895200968 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895221949 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895234108 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895246029 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895256996 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895309925 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.895309925 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.897911072 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.897949934 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898005962 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898047924 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898058891 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898071051 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898082018 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.898154974 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901223898 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901235104 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901277065 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901282072 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901318073 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901329994 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901341915 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.901514053 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980649948 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980678082 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980689049 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980729103 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980870008 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980882883 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980890036 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.980895996 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.981004000 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.981462002 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.981472969 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.981564999 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982635021 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982681990 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982693911 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982713938 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982878923 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982891083 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982903957 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982917070 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982924938 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982928991 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.982999086 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.983777046 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.983788967 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.983802080 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.983838081 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.983937979 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.984076977 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.984090090 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.984102011 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.984129906 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.985810995 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.985830069 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.985841036 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.985866070 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.985909939 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986059904 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986072063 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986078024 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986088991 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986136913 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986377954 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986687899 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986699104 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986711025 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986722946 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986742020 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.986818075 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988641977 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988703012 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988713980 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988725901 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988737106 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988748074 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988780975 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.988833904 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989058971 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989140987 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989155054 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989262104 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989425898 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989435911 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.989490032 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992096901 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992120028 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992134094 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992145061 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992156982 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992162943 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992162943 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992168903 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992181063 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992192984 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992204905 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992217064 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.992326021 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230387926 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230422020 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230432987 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230444908 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230458021 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230468988 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230483055 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230505943 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230546951 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230577946 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230597019 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230608940 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230621099 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230632067 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230643034 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230654001 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230665922 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230678082 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230690002 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230700970 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230714083 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230740070 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230740070 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230752945 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230763912 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230775118 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230787039 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230798006 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230817080 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230827093 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230854034 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230870962 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230879068 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230884075 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.230958939 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231040955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231053114 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231065035 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231076956 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231089115 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231101990 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231101990 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231113911 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231126070 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231138945 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231148958 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231158972 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231170893 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231194019 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231205940 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231216908 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231218100 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231230021 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231241941 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231255054 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231259108 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231270075 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231285095 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231296062 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231331110 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.231481075 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235560894 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235580921 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235603094 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235615015 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235629082 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235641003 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235660076 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235671043 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235683918 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235693932 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235704899 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235706091 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235719919 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235733032 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235743999 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235750914 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235763073 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.235842943 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237087011 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237109900 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237123013 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237134933 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237143993 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237157106 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237170935 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237169027 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237183094 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237195969 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237206936 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237219095 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237232924 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237246037 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237297058 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237297058 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237400055 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237415075 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237432957 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237443924 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237454891 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237468004 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237490892 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237503052 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237514973 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237525940 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237538099 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237549067 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237550974 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237550974 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237561941 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.237629890 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238310099 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238323927 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238343954 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238354921 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238367081 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238379955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238389015 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238432884 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238445044 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238456011 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238467932 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238481998 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238482952 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.238557100 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239110947 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239139080 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239151001 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239177942 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239188910 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239201069 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239212990 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239273071 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239284992 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239304066 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239319086 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239331961 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239334106 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239346027 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239358902 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239372015 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.239466906 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240108967 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240122080 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240134001 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240147114 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240159035 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240170956 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240171909 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240195990 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240207911 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240221024 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240248919 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240261078 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240272999 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240286112 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240413904 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.240509033 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241108894 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241122007 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241133928 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241147995 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241153955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241167068 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241178989 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241192102 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241219044 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241260052 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241272926 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241285086 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241296053 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241302013 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241308928 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241313934 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.241359949 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242058992 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242072105 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242090940 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242103100 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242116928 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242145061 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242157936 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242171049 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242182970 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242197037 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242208004 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242219925 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242230892 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242703915 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.242847919 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243045092 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243093014 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243128061 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243139029 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243182898 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243192911 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243206024 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243217945 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243231058 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243741989 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243753910 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243766069 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243781090 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243783951 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243796110 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243808031 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243814945 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243835926 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243846893 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243860006 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243868113 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243876934 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243889093 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243900061 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243911028 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243999958 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.243999958 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244690895 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244705915 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244718075 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244771004 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244888067 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244905949 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244918108 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244930029 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244935989 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244941950 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244987011 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.244998932 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.245001078 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.245018005 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.245028973 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.245258093 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252612114 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252636909 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252650976 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252667904 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252681017 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252691984 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252711058 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252722025 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252737045 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252748013 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252767086 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252775908 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252787113 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252799034 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252810955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252823114 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252857924 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252870083 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252882004 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252896070 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252903938 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252908945 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252922058 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.252933025 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.253070116 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.253165960 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.254971981 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.254987955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255001068 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255017042 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255098104 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255110979 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255129099 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255141020 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255145073 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255152941 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255165100 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255177021 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255187988 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255199909 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255219936 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255253077 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255256891 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255275011 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255285025 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255296946 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255299091 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255321026 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255336046 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255347013 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255357981 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255376101 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255387068 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255398035 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255409002 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255417109 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255419970 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255434990 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255451918 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255464077 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255506039 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.255565882 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257818937 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257857084 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257872105 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257896900 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257909060 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257927895 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257940054 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257956028 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257975101 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.257987022 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258009911 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258047104 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258059978 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258071899 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258084059 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258152962 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258163929 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258167028 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258179903 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258198023 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258209944 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258213997 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258222103 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258234024 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.258359909 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260831118 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260857105 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260869980 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260883093 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260896921 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260910034 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.260925055 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261179924 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261202097 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261214018 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261225939 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261239052 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261260033 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261286020 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261288881 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261307955 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261321068 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261332035 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261421919 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261421919 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261421919 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261435032 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261447906 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261459112 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261471033 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261532068 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.261532068 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264899015 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264925003 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264938116 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264950991 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264964104 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.264996052 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265008926 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265023947 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265052080 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265063047 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265075922 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265089989 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265160084 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265193939 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265207052 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265213013 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265219927 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265233040 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265247107 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265256882 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.265458107 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.803663969 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.803719044 CET4435313634.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.804032087 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.805569887 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.805592060 CET4435313634.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.259865999 CET4435313634.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.259942055 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.265048981 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.265064001 CET4435313634.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.265147924 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.265243053 CET4435313634.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.265948057 CET53136443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.267808914 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.272726059 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.363204002 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.366102934 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.370919943 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.414073944 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.496782064 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.545618057 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:39.272886992 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:39.277762890 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.375334978 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.380251884 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.497889996 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.502680063 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:49.285782099 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:49.290673971 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.278341055 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.278393030 CET4435313734.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.278475046 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.279927969 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.279942036 CET4435313734.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.388948917 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.393887043 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.504925013 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.509922981 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.742360115 CET4435313734.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.742492914 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.751801014 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.751816034 CET4435313734.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.751878977 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.752058029 CET4435313734.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.755475998 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.757292032 CET53137443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.760284901 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.855010986 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.859632015 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.864512920 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.906115055 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.954760075 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:51.006366968 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.988102913 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.988163948 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.991648912 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.991770983 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.991781950 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.992733955 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.992784023 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.993366957 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.993506908 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.993520021 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.456593990 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.456723928 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.459861994 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.459875107 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.460374117 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.461276054 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.463751078 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.463846922 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.464534044 CET4435313834.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.467333078 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.471654892 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.471673012 CET53138443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.471687078 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.474752903 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.474776030 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.475097895 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.478928089 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.479017019 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.479180098 CET4435313934.120.208.123192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.479798079 CET53139443192.168.2.934.120.208.123
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.493351936 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.498378038 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.587822914 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.631793022 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.636662006 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.640223026 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.726972103 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.778306961 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:59.298459053 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:59.303329945 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.606722116 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.611586094 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.738183022 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.743089914 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:09.311904907 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:09.316771984 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.622622013 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.627418995 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.754189968 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.759001970 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:19.319802999 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:19.324558020 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.636228085 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.641113997 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.758780956 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.763631105 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:29.325697899 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:29.330540895 CET80531352.22.61.56192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.794102907 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.794137001 CET4435314034.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.794194937 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.795650959 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.795661926 CET4435314034.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.273349047 CET4435314034.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.273430109 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.279581070 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.279589891 CET4435314034.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.279683113 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.279783964 CET4435314034.107.243.93192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.280958891 CET53140443192.168.2.934.107.243.93
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.282888889 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.287678957 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.377513885 CET805306834.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.381562948 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.386449099 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.431981087 CET5306880192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.501060009 CET805307534.107.221.82192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.547883987 CET5307580192.168.2.934.107.221.82
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:39.334450960 CET5313580192.168.2.92.22.61.56
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:39.339301109 CET80531352.22.61.56192.168.2.9

                                                                                                                                                                                                                                                                                                                        UDP Packets

                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.772528887 CET5659653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.779661894 CET53565961.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.780884027 CET5720953192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.787657976 CET53572091.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.054058075 CET5460653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.060894966 CET53546061.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.065514088 CET5565053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.072335958 CET53556501.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.073106050 CET5807053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.080442905 CET53580701.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.270621061 CET5354007162.159.36.2192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.395719051 CET5314653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.402544022 CET53531461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.403446913 CET6504853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.410872936 CET53650481.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.411623955 CET5979153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.418592930 CET53597911.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.794549942 CET5350753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.895786047 CET5771753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.903964996 CET53577171.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.905589104 CET5529653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.908247948 CET5864653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.912401915 CET53552961.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.913335085 CET5375453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.914407015 CET53535071.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.915353060 CET53586461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.915841103 CET5727553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.920166016 CET53537541.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.922058105 CET5663453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.922593117 CET53572751.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.930427074 CET53566341.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.940519094 CET6303653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.948009014 CET53630361.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.948545933 CET4939753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.955358028 CET53493971.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.026876926 CET5392653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.027311087 CET6350553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033590078 CET53539261.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033885002 CET53635051.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.037132025 CET5368253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.047331095 CET53536821.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.089885950 CET5360753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.096672058 CET53536071.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.109051943 CET5204753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.115801096 CET53520471.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.116631985 CET6524053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.123415947 CET53652401.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.127167940 CET4955153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.135879993 CET53495511.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.137306929 CET5834653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.144486904 CET53583461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.145117044 CET6511153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.152966976 CET53651111.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.646377087 CET5658053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.654624939 CET53565801.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.666995049 CET5930553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.674403906 CET53593051.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.687849998 CET5000153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.695347071 CET53500011.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.160742044 CET4934253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.167299032 CET53493421.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.168622017 CET5279353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.175513983 CET53527931.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.187896967 CET5998853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.194700956 CET53599881.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.777745962 CET5186453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.778028965 CET5594653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784727097 CET53559461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784827948 CET53518641.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.174622059 CET5787153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.181452036 CET53578711.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.191858053 CET6514053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.198872089 CET53651401.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.200289965 CET5870053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.207264900 CET53587001.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.513343096 CET5684853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.520461082 CET53568481.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.521433115 CET5289953192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.528165102 CET53528991.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.487427950 CET6488153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.494633913 CET53648811.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.502460003 CET5364653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.509335995 CET53536461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.019581079 CET5141253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.026555061 CET53514121.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.029828072 CET5010453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.037281036 CET53501041.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.037852049 CET5732253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.044889927 CET53573221.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.321999073 CET5372453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.328654051 CET53537241.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.689973116 CET6059053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.689973116 CET5040453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.690262079 CET5870153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET53504041.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696896076 CET53605901.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697027922 CET53587011.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697453022 CET5643153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697685957 CET5735753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697912931 CET5294253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET53564311.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704807997 CET53529421.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704925060 CET53573571.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704971075 CET5991153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.705441952 CET5044353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.705730915 CET5933553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712346077 CET53599111.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712407112 CET53593351.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712512016 CET53504431.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.713027000 CET5272253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.713567972 CET6156753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET53527221.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.720237017 CET5674653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.720309973 CET53615671.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.721251965 CET6320853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.726878881 CET53567461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727369070 CET5074853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727811098 CET53632081.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.728209972 CET5753953192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.734998941 CET53507481.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.735009909 CET53575391.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.099486113 CET5853653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.106920004 CET53585361.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.121093988 CET6312353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.128442049 CET53631231.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.130045891 CET6416853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.137692928 CET53641681.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.138309956 CET5501053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.145401955 CET53550101.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.147352934 CET5034153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.154402971 CET53503411.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.158443928 CET5678553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.166893005 CET53567851.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.169220924 CET5111053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.176409006 CET53511101.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.138052940 CET6248653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.146847010 CET53624861.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.147370100 CET5759453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.154417038 CET53575941.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.803828001 CET5302653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.811017990 CET53530261.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.277465105 CET5992453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.284456015 CET53599241.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.285582066 CET6488153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.292788029 CET53648811.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.986550093 CET4982753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.993369102 CET53498271.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.495599031 CET6542753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.503045082 CET53654271.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.786307096 CET6446253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.793081999 CET53644621.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.794045925 CET6053953192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.800863981 CET53605391.1.1.1192.168.2.9

                                                                                                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.772528887 CET192.168.2.91.1.1.10x37fdStandard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.780884027 CET192.168.2.91.1.1.10xf979Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.054058075 CET192.168.2.91.1.1.10x8eb4Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.065514088 CET192.168.2.91.1.1.10xc79dStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.073106050 CET192.168.2.91.1.1.10xf5dbStandard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.395719051 CET192.168.2.91.1.1.10x7441Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.403446913 CET192.168.2.91.1.1.10xab9Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.411623955 CET192.168.2.91.1.1.10xce96Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.794549942 CET192.168.2.91.1.1.10x3ca1Standard query (0)206.23.85.13.in-addr.arpaPTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.895786047 CET192.168.2.91.1.1.10xa731Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.905589104 CET192.168.2.91.1.1.10x1c8cStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.908247948 CET192.168.2.91.1.1.10x9a93Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.913335085 CET192.168.2.91.1.1.10xbdddStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.915841103 CET192.168.2.91.1.1.10xa2aaStandard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.922058105 CET192.168.2.91.1.1.10x46a4Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.940519094 CET192.168.2.91.1.1.10xac9fStandard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.948545933 CET192.168.2.91.1.1.10x58c9Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.026876926 CET192.168.2.91.1.1.10xa05Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.027311087 CET192.168.2.91.1.1.10x69c7Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.037132025 CET192.168.2.91.1.1.10x38c5Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.089885950 CET192.168.2.91.1.1.10xc75dStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.109051943 CET192.168.2.91.1.1.10xa692Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.116631985 CET192.168.2.91.1.1.10x27eStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.127167940 CET192.168.2.91.1.1.10x7291Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.137306929 CET192.168.2.91.1.1.10x2b9cStandard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.145117044 CET192.168.2.91.1.1.10xda84Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.646377087 CET192.168.2.91.1.1.10x9c40Standard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.666995049 CET192.168.2.91.1.1.10x7076Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.687849998 CET192.168.2.91.1.1.10xbc05Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.160742044 CET192.168.2.91.1.1.10x9a4bStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.168622017 CET192.168.2.91.1.1.10xfbe9Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.187896967 CET192.168.2.91.1.1.10xe3c9Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.777745962 CET192.168.2.91.1.1.10x64dcStandard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.778028965 CET192.168.2.91.1.1.10x4973Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.174622059 CET192.168.2.91.1.1.10xc550Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.191858053 CET192.168.2.91.1.1.10x74b0Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.200289965 CET192.168.2.91.1.1.10x8c21Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.513343096 CET192.168.2.91.1.1.10xac8bStandard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.521433115 CET192.168.2.91.1.1.10xa730Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.487427950 CET192.168.2.91.1.1.10x8b10Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.502460003 CET192.168.2.91.1.1.10x5b40Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.019581079 CET192.168.2.91.1.1.10x4b31Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.029828072 CET192.168.2.91.1.1.10xd59fStandard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.037852049 CET192.168.2.91.1.1.10xccf4Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.321999073 CET192.168.2.91.1.1.10x1a32Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.689973116 CET192.168.2.91.1.1.10xdf64Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.689973116 CET192.168.2.91.1.1.10x4288Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.690262079 CET192.168.2.91.1.1.10x1cb1Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697453022 CET192.168.2.91.1.1.10x36f3Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697685957 CET192.168.2.91.1.1.10x5010Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697912931 CET192.168.2.91.1.1.10xab77Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704971075 CET192.168.2.91.1.1.10x76cfStandard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.705441952 CET192.168.2.91.1.1.10xe4e0Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.705730915 CET192.168.2.91.1.1.10xbfd4Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.713027000 CET192.168.2.91.1.1.10x4fa9Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.713567972 CET192.168.2.91.1.1.10xec47Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.720237017 CET192.168.2.91.1.1.10x487cStandard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.721251965 CET192.168.2.91.1.1.10xd278Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727369070 CET192.168.2.91.1.1.10xc435Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.728209972 CET192.168.2.91.1.1.10x493aStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.099486113 CET192.168.2.91.1.1.10x9c24Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.121093988 CET192.168.2.91.1.1.10xe9f1Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.130045891 CET192.168.2.91.1.1.10xdaStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.138309956 CET192.168.2.91.1.1.10x5926Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.147352934 CET192.168.2.91.1.1.10x4e79Standard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.158443928 CET192.168.2.91.1.1.10x3297Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.169220924 CET192.168.2.91.1.1.10x4ea6Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.138052940 CET192.168.2.91.1.1.10xe68cStandard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.147370100 CET192.168.2.91.1.1.10x7b45Standard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:29.803828001 CET192.168.2.91.1.1.10x7a5cStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.277465105 CET192.168.2.91.1.1.10xa57dStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.285582066 CET192.168.2.91.1.1.10x440cStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.986550093 CET192.168.2.91.1.1.10xb5c7Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.495599031 CET192.168.2.91.1.1.10x20b0Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.786307096 CET192.168.2.91.1.1.10xeda6Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.794045925 CET192.168.2.91.1.1.10xd53fStandard query (0)push.services.mozilla.com28IN (0x0001)false

                                                                                                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:22.947983980 CET1.1.1.1192.168.2.90x234No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:22.947983980 CET1.1.1.1192.168.2.90x234No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.743733883 CET1.1.1.1192.168.2.90x83f6No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:52:59.779661894 CET1.1.1.1192.168.2.90x37fdNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.060894966 CET1.1.1.1192.168.2.90x8eb4No error (0)youtube.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.072335958 CET1.1.1.1192.168.2.90xc79dNo error (0)youtube.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.080442905 CET1.1.1.1192.168.2.90xf5dbNo error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.402544022 CET1.1.1.1192.168.2.90x7441No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.402544022 CET1.1.1.1192.168.2.90x7441No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.402544022 CET1.1.1.1192.168.2.90x7441No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.410872936 CET1.1.1.1192.168.2.90xab9No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.418592930 CET1.1.1.1192.168.2.90xce96No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.903198004 CET1.1.1.1192.168.2.90xb2b2No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.903198004 CET1.1.1.1192.168.2.90xb2b2No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.903964996 CET1.1.1.1192.168.2.90xa731No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.912401915 CET1.1.1.1192.168.2.90x1c8cNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.914407015 CET1.1.1.1192.168.2.90x3ca1Name error (3)206.23.85.13.in-addr.arpanonenonePTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.915353060 CET1.1.1.1192.168.2.90x9a93No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.930427074 CET1.1.1.1192.168.2.90x46a4No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.930427074 CET1.1.1.1192.168.2.90x46a4No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.948009014 CET1.1.1.1192.168.2.90xac9fNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033590078 CET1.1.1.1192.168.2.90xa05No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033590078 CET1.1.1.1192.168.2.90xa05No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033590078 CET1.1.1.1192.168.2.90xa05No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033590078 CET1.1.1.1192.168.2.90xa05No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033885002 CET1.1.1.1192.168.2.90x69c7No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.033885002 CET1.1.1.1192.168.2.90x69c7No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.047331095 CET1.1.1.1192.168.2.90x38c5No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.047331095 CET1.1.1.1192.168.2.90x38c5No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.047331095 CET1.1.1.1192.168.2.90x38c5No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.096672058 CET1.1.1.1192.168.2.90xc75dNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.096672058 CET1.1.1.1192.168.2.90xc75dNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.096672058 CET1.1.1.1192.168.2.90xc75dNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.115801096 CET1.1.1.1192.168.2.90xa692No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.123415947 CET1.1.1.1192.168.2.90x27eNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.135879993 CET1.1.1.1192.168.2.90x7291No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.135879993 CET1.1.1.1192.168.2.90x7291No error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.135879993 CET1.1.1.1192.168.2.90x7291No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.135879993 CET1.1.1.1192.168.2.90x7291No error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.144486904 CET1.1.1.1192.168.2.90x2b9cNo error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.144486904 CET1.1.1.1192.168.2.90x2b9cNo error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.144486904 CET1.1.1.1192.168.2.90x2b9cNo error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.654624939 CET1.1.1.1192.168.2.90x9c40No error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.654624939 CET1.1.1.1192.168.2.90x9c40No error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.654624939 CET1.1.1.1192.168.2.90x9c40No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:06.674403906 CET1.1.1.1192.168.2.90x7076No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.167299032 CET1.1.1.1192.168.2.90x9a4bNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.167299032 CET1.1.1.1192.168.2.90x9a4bNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.167299032 CET1.1.1.1192.168.2.90x9a4bNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.175513983 CET1.1.1.1192.168.2.90xfbe9No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.194700956 CET1.1.1.1192.168.2.90xe3c9No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784727097 CET1.1.1.1192.168.2.90x4973No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784727097 CET1.1.1.1192.168.2.90x4973No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784827948 CET1.1.1.1192.168.2.90x64dcNo error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784827948 CET1.1.1.1192.168.2.90x64dcNo error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784827948 CET1.1.1.1192.168.2.90x64dcNo error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.784827948 CET1.1.1.1192.168.2.90x64dcNo error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.181452036 CET1.1.1.1192.168.2.90xc550No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:11.198872089 CET1.1.1.1192.168.2.90x74b0No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.509869099 CET1.1.1.1192.168.2.90x5c38No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.520461082 CET1.1.1.1192.168.2.90xac8bNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.483504057 CET1.1.1.1192.168.2.90x4c59No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.483504057 CET1.1.1.1192.168.2.90x4c59No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.494633913 CET1.1.1.1192.168.2.90x8b10No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.501421928 CET1.1.1.1192.168.2.90x25c3No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.026555061 CET1.1.1.1192.168.2.90x4b31No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.026555061 CET1.1.1.1192.168.2.90x4b31No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.037281036 CET1.1.1.1192.168.2.90xd59fNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696753025 CET1.1.1.1192.168.2.90x4288No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696896076 CET1.1.1.1192.168.2.90xdf64No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.696896076 CET1.1.1.1192.168.2.90xdf64No error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697027922 CET1.1.1.1192.168.2.90x1cb1No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.697027922 CET1.1.1.1192.168.2.90x1cb1No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704243898 CET1.1.1.1192.168.2.90x36f3No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704807997 CET1.1.1.1192.168.2.90xab77No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.704925060 CET1.1.1.1192.168.2.90x5010No error (0)star-mini.c10r.facebook.com157.240.251.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712346077 CET1.1.1.1192.168.2.90x76cfNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712346077 CET1.1.1.1192.168.2.90x76cfNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712346077 CET1.1.1.1192.168.2.90x76cfNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712346077 CET1.1.1.1192.168.2.90x76cfNo error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712407112 CET1.1.1.1192.168.2.90xbfd4No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.712512016 CET1.1.1.1192.168.2.90xe4e0No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET1.1.1.1192.168.2.90x4fa9No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET1.1.1.1192.168.2.90x4fa9No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET1.1.1.1192.168.2.90x4fa9No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET1.1.1.1192.168.2.90x4fa9No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.719594002 CET1.1.1.1192.168.2.90x4fa9No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.720309973 CET1.1.1.1192.168.2.90xec47No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.726878881 CET1.1.1.1192.168.2.90x487cNo error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.726878881 CET1.1.1.1192.168.2.90x487cNo error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.726878881 CET1.1.1.1192.168.2.90x487cNo error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.726878881 CET1.1.1.1192.168.2.90x487cNo error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727811098 CET1.1.1.1192.168.2.90xd278No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727811098 CET1.1.1.1192.168.2.90xd278No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727811098 CET1.1.1.1192.168.2.90xd278No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:21.727811098 CET1.1.1.1192.168.2.90xd278No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.128442049 CET1.1.1.1192.168.2.90xe9f1No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.128442049 CET1.1.1.1192.168.2.90xe9f1No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.128442049 CET1.1.1.1192.168.2.90xe9f1No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.128442049 CET1.1.1.1192.168.2.90xe9f1No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.137692928 CET1.1.1.1192.168.2.90xdaNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.137692928 CET1.1.1.1192.168.2.90xdaNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.137692928 CET1.1.1.1192.168.2.90xdaNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.137692928 CET1.1.1.1192.168.2.90xdaNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.145401955 CET1.1.1.1192.168.2.90x5926No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.145401955 CET1.1.1.1192.168.2.90x5926No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.145401955 CET1.1.1.1192.168.2.90x5926No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.145401955 CET1.1.1.1192.168.2.90x5926No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.154402971 CET1.1.1.1192.168.2.90x4e79No error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.154402971 CET1.1.1.1192.168.2.90x4e79No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.166893005 CET1.1.1.1192.168.2.90x3297No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.136821985 CET1.1.1.1192.168.2.90xc3bdNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.136821985 CET1.1.1.1192.168.2.90xc3bdNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.136821985 CET1.1.1.1192.168.2.90xc3bdNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.136821985 CET1.1.1.1192.168.2.90xc3bdNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.136821985 CET1.1.1.1192.168.2.90xc3bdNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.146847010 CET1.1.1.1192.168.2.90xe68cNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.146847010 CET1.1.1.1192.168.2.90xe68cNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.154417038 CET1.1.1.1192.168.2.90x7b45No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.154417038 CET1.1.1.1192.168.2.90x7b45No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.284456015 CET1.1.1.1192.168.2.90xa57dNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:56.982615948 CET1.1.1.1192.168.2.90x38b0No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.503045082 CET1.1.1.1192.168.2.90x20b0No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.503045082 CET1.1.1.1192.168.2.90x20b0No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.503045082 CET1.1.1.1192.168.2.90x20b0No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:30.793081999 CET1.1.1.1192.168.2.90xeda6No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                        HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                        • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                        HTTP Packets

                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        0192.168.2.95304834.107.221.82805448C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.529114008 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:01.977083921 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72312
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        1192.168.2.95305634.107.221.82805448C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.059488058 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:02.503629923 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75426
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        2192.168.2.95306834.107.221.82805448C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.139781952 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.675169945 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72314
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.155024052 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.249098063 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72318
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.259924889 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.353992939 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72325
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.487735033 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:15.584125042 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72326
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.176217079 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.271147013 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72327
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.516511917 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.628204107 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72328
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.106579065 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.200551033 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72329
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.685794115 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.780769110 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72329
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.160340071 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.254702091 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72330
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.795392990 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.889863014 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72330
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.566503048 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.661065102 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72338
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.113718987 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.208962917 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72339
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.267808914 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.363204002 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72341
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.375334978 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.388948917 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.755475998 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.855010986 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72361
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.493351936 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.587822914 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72368
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.606722116 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.622622013 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.636228085 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.282888889 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.377513885 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 20:47:49 GMT
                                                                                                                                                                                                                                                                                                                        Age: 72402
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        3192.168.2.95307534.107.221.82805448C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:03.808480978 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:04.256268978 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75428
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.868519068 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:07.963809967 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75431
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.625449896 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:14.720453978 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75438
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.171665907 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:16.266622066 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75440
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.512456894 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.628899097 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75441
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.745121956 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:17.840405941 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75441
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.208302975 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.308751106 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75442
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.784059048 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:18.879776955 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75442
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.257930040 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.353405952 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75443
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.894301891 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:19.989847898 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75443
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.674611092 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:27.769635916 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75451
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.212973118 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.308990002 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75452
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.366102934 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:30.496782064 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75454
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:40.497889996 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.504925013 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.859632015 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:50.954760075 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75474
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.631793022 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:57.726972103 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75481
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:07.738183022 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:17.754189968 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:27.758780956 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.381562948 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:54:31.501060009 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                        Date: Thu, 06 Feb 2025 19:55:56 GMT
                                                                                                                                                                                                                                                                                                                        Age: 75515
                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: success


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        4192.168.2.9531352.22.61.56805448C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.142657042 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799436092 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Last-Modified: Fri, 08 Nov 2024 02:52:28 GMT
                                                                                                                                                                                                                                                                                                                        ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                        Content-Length: 453023
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        X-Timestamp: 1731034347.00215
                                                                                                                                                                                                                                                                                                                        Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                        X-Trans-Id: txae98f05a963b495faffd8-00672e4c83dfw1
                                                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=84277
                                                                                                                                                                                                                                                                                                                        Expires: Sat, 08 Feb 2025 16:18:05 GMT
                                                                                                                                                                                                                                                                                                                        Date: Fri, 07 Feb 2025 16:53:28 GMT
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799455881 CET224INData Raw: c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5 ff
                                                                                                                                                                                                                                                                                                                        Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799468994 CET1236INData Raw: 64 49 55 6b 71 39 03 cc 5b bd 1e c5 ad 18 08 99 01 64 76 b8 80 d1 6c b0 34 03 07 d7 8c dd f7 4d 74 62 ff 2e 6f 7c 6f 8f 1a 95 27 9e bb e8 f8 4a 19 5f 3a be 0f d5 47 20 8d a9 bf c4 f8 5a db 8a f3 10 2c a6 a1 43 c5 a5 da 30 7f 2e d1 61 2e 83 5f 39
                                                                                                                                                                                                                                                                                                                        Data Ascii: dIUkq9[dvl4Mtb.o|o'J_:G Z,C0.a._9}-mOy9sC0/a?wJWxekb!.b-iE,.rtRbEc>2`<)mD+< A*Py(L"InI%eHL`3
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.799485922 CET224INData Raw: 82 06 a5 3a a8 f8 40 7f 56 1a a4 36 9b ea 9c 12 f0 c4 14 c9 e4 fb 0b b5 66 76 ec 61 29 f5 e2 47 90 5f 10 ca c7 4b a1 17 fd be 3d 67 54 13 97 1d bf 1a 0a f9 3b 73 43 1e cf 2b b1 1e 8f 09 c9 29 21 bb 1c e4 3d 07 d9 ed bb 3d 91 96 1a 54 f3 5a 42 c7
                                                                                                                                                                                                                                                                                                                        Data Ascii: :@V6fva)G_K=gT;sC+)!==TZB6}jC3NZtSnp$KUl'}U IN~\+PU^Kt:u*;I/l`%s^9pD<No|&zc%Z}ne
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801404953 CET1236INData Raw: e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b 6a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801418066 CET1236INData Raw: b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e 58
                                                                                                                                                                                                                                                                                                                        Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e,
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.801429987 CET448INData Raw: 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92 2a
                                                                                                                                                                                                                                                                                                                        Data Ascii: Y:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804492950 CET1236INData Raw: a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48 6c
                                                                                                                                                                                                                                                                                                                        Data Ascii: !Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804511070 CET224INData Raw: 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd 94
                                                                                                                                                                                                                                                                                                                        Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!k
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804548025 CET1236INData Raw: 46 89 84 26 d4 1b 39 c7 88 8f 1a 55 35 f0 44 fb d3 b7 0c e8 b8 40 df f3 dc af 63 83 20 57 97 8c 0b 3b b2 d7 fd 3a 82 81 fc 20 ea 31 d8 4a 72 0a 74 dc f7 18 4c 69 ee 9a 4c 86 7b f1 43 ec 90 b2 28 0f 1f b3 ba b3 e6 81 54 d0 be 7b 3e 99 81 4f 07 7f
                                                                                                                                                                                                                                                                                                                        Data Ascii: F&9U5D@c W;: 1JrtLiL{C(T{>OU|MW'|sznz{e13d;0qkf#8kGVQYc.']X[o7DS0@:TeJ-HW~Cpli6Teu9y=
                                                                                                                                                                                                                                                                                                                        Feb 7, 2025 17:53:28.804603100 CET224INData Raw: 51 f3 fa 2a 9a 57 80 64 07 48 95 68 0f 8f 50 37 a3 ef bf 42 94 1d 87 b2 e3 74 19 4a 1d 2a a4 2c e7 2b 52 86 00 05 3a 51 40 7f fd 0f ec 39 22 00 5c 9f 6a b7 7b be a2 dd 7e 23 64 b7 63 01 43 f7 ed 64 02 aa 52 c1 2c ee c5 57 61 11 a8 ff 63 c1 ad dc
                                                                                                                                                                                                                                                                                                                        Data Ascii: Q*WdHhP7BtJ*,+R:Q@9"\j{~#dcCdR,WacJI[hz'C|kN?!z,#|+XxL6}W3mr@(|Hdp'#HdsT])g/P/


                                                                                                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                                                                                                        Start time:11:52:28
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x3f0000
                                                                                                                                                                                                                                                                                                                        File size:967'168 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:D1BF8E67A6A73ADED20586AAB5F29510
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:2
                                                                                                                                                                                                                                                                                                                        Start time:11:52:29
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                                                                                                        Start time:11:52:29
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:4
                                                                                                                                                                                                                                                                                                                        Start time:11:52:32
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:5
                                                                                                                                                                                                                                                                                                                        Start time:11:52:32
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:6
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:8
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:9
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:11
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:12
                                                                                                                                                                                                                                                                                                                        Start time:11:52:33
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                                                                                                        Start time:11:52:36
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                                                                                                                                        Start time:11:52:36
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                                                                                                        Start time:11:52:39
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7549311c-e0e7-4a01-aa93-591359495f37} 8084 "\\.\pipe\gecko-crash-server-pipe.8084" 23f44a6eb10 socket
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:17
                                                                                                                                                                                                                                                                                                                        Start time:11:52:39
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                                                                                                                                                        Start time:11:52:40
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:19
                                                                                                                                                                                                                                                                                                                        Start time:11:52:42
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:20
                                                                                                                                                                                                                                                                                                                        Start time:11:52:42
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:21
                                                                                                                                                                                                                                                                                                                        Start time:11:52:42
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:22
                                                                                                                                                                                                                                                                                                                        Start time:11:52:42
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:24
                                                                                                                                                                                                                                                                                                                        Start time:11:52:43
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:25
                                                                                                                                                                                                                                                                                                                        Start time:11:52:43
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:26
                                                                                                                                                                                                                                                                                                                        Start time:11:52:43
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:27
                                                                                                                                                                                                                                                                                                                        Start time:11:52:43
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:28
                                                                                                                                                                                                                                                                                                                        Start time:11:52:43
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:29
                                                                                                                                                                                                                                                                                                                        Start time:11:52:44
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:30
                                                                                                                                                                                                                                                                                                                        Start time:11:52:44
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:33
                                                                                                                                                                                                                                                                                                                        Start time:11:52:47
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2308 -parentBuildID 20230927232528 -prefsHandle 2252 -prefMapHandle 2236 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2597704f-3549-4520-87b8-69786454f492} 2052 "\\.\pipe\gecko-crash-server-pipe.2052" 2f52f16f510 socket
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:34
                                                                                                                                                                                                                                                                                                                        Start time:11:52:49
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:35
                                                                                                                                                                                                                                                                                                                        Start time:11:52:49
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:36
                                                                                                                                                                                                                                                                                                                        Start time:11:52:53
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:37
                                                                                                                                                                                                                                                                                                                        Start time:11:52:53
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:38
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:39
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:40
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:41
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:42
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                        Imagebase:0xf50000
                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:43
                                                                                                                                                                                                                                                                                                                        Start time:11:52:54
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:44
                                                                                                                                                                                                                                                                                                                        Start time:11:52:55
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:45
                                                                                                                                                                                                                                                                                                                        Start time:11:52:55
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:46
                                                                                                                                                                                                                                                                                                                        Start time:11:52:55
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:47
                                                                                                                                                                                                                                                                                                                        Start time:11:52:56
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2276 -parentBuildID 20230927232528 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 25315 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3665753-fa1f-4a96-aa92-02db64cd4d7c} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e09296d710 socket
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:48
                                                                                                                                                                                                                                                                                                                        Start time:11:53:14
                                                                                                                                                                                                                                                                                                                        Start date:07/02/2025
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2660 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1356 -prefMapHandle 2712 -prefsLen 32327 -prefMapSize 238769 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a077616c-92d4-4020-bf3e-bb2a9ef83594} 5448 "\\.\pipe\gecko-crash-server-pipe.5448" 1e0a9ee7710 utility
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff73feb0000
                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                                                                                                        Reset < >