Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1610232
MD5:4cb7f8d6d02d0a8b31c24b632532f3b5
SHA1:d94a1c2c7f1ee270ba2854cddcf4da106023ec67
SHA256:c56deb44762dfe55715e5b2dcdd26c83ace4db66b0d6ea9b3dfb161013b6be4e
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:80
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Machine Learning detection for sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 1088 cmdline: "C:\Users\user\Desktop\random.exe" MD5: 4CB7F8D6D02D0A8B31C24B632532F3B5)
    • taskkill.exe (PID: 2608 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 4852 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1408 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3480 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 2128 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6108 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 5488 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3788 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1476 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6468 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 6392 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 5808 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 1396 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 428 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2104 -prefMapHandle 2096 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2c1f52b-5438-4ca1-98f7-d2c76f772c26} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9b5670b10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6496 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3008 -parentBuildID 20230927232528 -prefsHandle 2988 -prefMapHandle 3020 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0f3fc0-8d05-409b-831e-84e529f5bfeb} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9c7df5d10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7632 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5124 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5076 -prefMapHandle 5072 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe98f088-833d-4ecb-aeac-9d8e65171bf6} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9ce493910 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 1088JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 26%Perma Link
    Source: random.exeReversingLabs: Detection: 31%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.6% probability
    Machine Learning detection for sample
    Source: random.exeJoe Sandbox ML: detected
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49715 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49722 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49724 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49731 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49736 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49737 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49866 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.5:49868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49878 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50028 version: TLS 1.2
    Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000E.00000003.2226435091.000002B9C4EBB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2224531972.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8WinTypes.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xul.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mozglue.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dcomp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8dhcpcsvc6.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8softokn3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8twinapi.appcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8kernelbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2223141968.000002B9C9A01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8CoreMessaging.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: win32u.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8bcryptprimitives.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: firefox.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: imm32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8gkcodecs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8iphlpapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ExplorerFrame.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ole32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8CoreUIComponents.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8osclientcerts.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8cryptbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8cfgmgr32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msasn1.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: DWrite.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8iertutil.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8dhcpcsvc.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2225900721.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: nss3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8webauthn.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Kernel.Appcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ColorAdapterClient.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8powrprof.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wsock32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8MMDevAPI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8oleaut32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8TextInputFramework.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2225900721.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2226435091.000002B9C4EBB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: 8InputHost.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ucrtbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8audioses.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Bcp47mrm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8netutils.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8rasadhlp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Bcp47Langs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8msvcp_win.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8wtsapi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8taskschd.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2224531972.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: userenv.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.UI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8fwpuclnt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msimg32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2223141968.000002B9C9A01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: 8advapi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.Storage.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8OnDemandConnRouteHelper.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8netprofm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: gdi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: profapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.Globalization.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WLDP.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sechost.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8directmanipulation.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8setupapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: propsys.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8lgpllibs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: 8gdi32full.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: version.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mscms.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: user32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8DataExchange.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: 8wintrust.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: psapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8WindowManagementAPI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntdll.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8npmproxy.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8linkinfo.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.UI.Immersive.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: crypt32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0051DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004EC2A2 FindFirstFileExW,0_2_004EC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005268EE FindFirstFileW,FindClose,0_2_005268EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0052698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0051D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0051D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00529642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00529642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0052979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00529B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00529B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00525C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00525C97
    Source: firefox.exeMemory has grown: Private usage: 2MB later: 227MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: Joe Sandbox ViewIP Address: 151.101.1.91 151.101.1.91
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_0052CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKContent-Length: 453023Accept-Ranges: bytesLast-Modified: Fri, 07 Feb 2025 06:55:57 GMTETag: 85430baed3398695717b0263807cf97cX-Timestamp: 1738911356.44453Content-Type: application/zipX-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1Cache-Control: public, max-age=221820Expires: Tue, 11 Feb 2025 09:05:43 GMTDate: Sat, 08 Feb 2025 19:28:43 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000E.00000003.2260444563.000002BF6C303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2260444563.000002BF6C303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/*Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2284235434.000002B9C526E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2206404404.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2245724948.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD730000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2251342185.000002B9CD730000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD731000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208419241.000002B9CFBE3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2206404404.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2276228057.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2245724948.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD730000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD730000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2139168741.000002B9C6E7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2281164596.000002B9C6E79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2139168741.000002B9C6E7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2281164596.000002B9C6E79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000E.00000003.2139168741.000002B9C6E7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2281164596.000002B9C6E79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DB0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/P equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DB0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/P equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DB0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/P equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2206901360.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291716023.000002B9D1887000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284897933.000002B9D1882000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://bfdd6cf3-6cd6-4fa2-bc72-2c3d2e7d20f8/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2293042530.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279630492.000002B9CD9CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279630492.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2260244342.00001D33C6303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.comZ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2293042530.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206404404.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279630492.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2276857982.000002B9C7477000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274310348.000002B9C7470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 0000000E.00000003.2283504782.000002B9C5689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000E.00000003.2268821859.000002B9D13DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000E.00000003.2245724948.000002B9D1CFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD5A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2236249305.000002B9CD5A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2260907514.00002E813E203000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2260907514.00002E813E203000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0
    Source: firefox.exe, 0000000E.00000003.2255979157.000002B9C7FA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2138368545.000002B9C7FD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2221557547.000002B9C73F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2118000883.000002B9C5CD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283804385.000002B9C5554000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2252649966.000002B9C8F35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210660385.000002B9CD4A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2229000013.000002B9C77D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219269445.000002B9CD523000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300699477.000002B9C7EBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212871607.000002B9C77D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2236249305.000002B9CD593000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283345129.000002B9C5B9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210807383.000002B9C71DA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211163917.000002B9CD40E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115996169.000002B9C5CFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255979157.000002B9C7FD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248304420.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115569027.000002B9C5CFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2133632867.000002B9CD599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206510376.000002B9C5CE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2260907514.00002E813E203000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Z
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
    Source: firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
    Source: firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
    Source: firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000E.00000003.2299080754.000002B9C9984000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
    Source: firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000E.00000003.2138368545.000002B9C7F6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2139168741.000002B9C6E93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279121592.000002B9C7BEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2272929983.000002B9C7F2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269342696.000002B9CF4CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256456840.000002B9C7F2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256282505.000002B9C7F6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269988573.000002B9CD715000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209237128.000002B9CD715000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282707539.000002B9C5D67000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD715000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 0000000E.00000003.2138368545.000002B9C7F6D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256282505.000002B9C7F6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulP
    Source: firefox.exe, 0000000E.00000003.2283293195.000002B9C5D24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulp
    Source: mozilla-temp-41.14.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000E.00000003.2247763483.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207811226.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000E.00000003.2293613452.000002B9CD764000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD756000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD756000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD756000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD756000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000E.00000003.2242886071.000002B9CF357000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2164167858.000002B9C7897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2230475895.000002B9C7897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2214070036.000002B9CF32F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2161258196.000002B9CF32F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2244878312.000002B9C7897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255082818.000002B9C8E08000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249564296.000002B9CF4DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2162873644.000002B9CF32F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2162873644.000002B9CF34F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2161258196.000002B9CF34F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000E.00000003.2248304420.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271882134.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249719860.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269342696.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
    Source: firefox.exe, 0000000E.00000003.2277663498.000002B9C72D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD66C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000E.00000003.2294960929.000002B9CD377000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209776932.000002B9CD6CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269507043.000002B9CE4F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2287045642.000002B9CE491000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
    Source: firefox.exe, 0000000E.00000003.2292907767.000002B9CE4AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167792534.000002B9C6C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000E.00000003.2263811654.000002B9C7347000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167792534.000002B9C6C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167792534.000002B9C6C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110319799.000002B9C588A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293389196.000002B9CD7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2293389196.000002B9CD7C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2293389196.000002B9CD7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248304420.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271882134.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249719860.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269342696.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 0000000E.00000003.2146161006.000002B9C738D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000E.00000003.2248789833.000002B9CD730000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2233242575.000002B9C7509000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273617834.000002B9C7494000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292551599.000002B9CFB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DB13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2141100862.000002B9C701B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2142125265.000002B9C7013000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000E.00000003.2268821859.000002B9D13C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2268821859.000002B9D13E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292551599.000002B9CFB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DB13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA2F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000E.00000003.2136151874.000002B9CD756000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/cfworker
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD523000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD523000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000E.00000003.2267987874.000002B9D1586000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2290027423.000002B9CD44F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2162424552.000002B9CF3B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297667480.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299389515.000002B9C82C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000E.00000003.2256765906.000002B9C76CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279204182.000002B9C76DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293524894.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.14.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000E.00000003.2252355272.000002B9C9942000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000E.00000003.2207754565.000002B9D15E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/622ab227-836e-46ca-aaf6-4995a
    Source: firefox.exe, 0000000E.00000003.2271073865.000002B9C9924000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/messaging-system/1/7755ad51-2370-4623-
    Source: firefox.exe, 0000000E.00000003.2296607392.000002B9C858F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268821859.000002B9D13E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/1ca89b74-3a4e-4042-b074-0c95
    Source: firefox.exe, 0000000E.00000003.2286295021.000002B9CF48C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206901360.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291716023.000002B9D1887000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284897933.000002B9D1882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267363092.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249719860.000002B9CF48C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/22d52c7b-dbec-4c18
    Source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284006471.000002B9C52D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/5bc28aaf-6ef6-4e41
    Source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/dab83d8b-0079-408b
    Source: firefox.exe, 0000000E.00000003.2286295021.000002B9CF48C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206901360.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291716023.000002B9D1887000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284897933.000002B9D1882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267363092.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249719860.000002B9CF48C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/fbcd75f7-8967-47f2
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2287516492.000002B9CDA29000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 0000000E.00000003.2283504782.000002B9C56D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2281831220.000002B9C68B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284235434.000002B9C526E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
    Source: firefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000E.00000003.2168044034.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249564296.000002B9CF4DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DB8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AE72000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggestabout
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2208419241.000002B9CFBBC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292239929.000002B9CFBDA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2290027423.000002B9CD44F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 0000000E.00000003.2273507596.000002B9C74D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 0000000E.00000003.2273507596.000002B9C74EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2&
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000E.00000003.2297667480.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299643034.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000E.00000003.2273507596.000002B9C74EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000E.00000003.2273507596.000002B9C74EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
    Source: firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2146161006.000002B9C738D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 0000000E.00000003.2255451509.000002B9C8299000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297667480.000002B9C829D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299643034.000002B9C82A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000E.00000003.2287516492.000002B9CDA51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 0000000E.00000003.2287516492.000002B9CDA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292551599.000002B9CFB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DB13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000E.00000003.2287516492.000002B9CDA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277805252.000002B9C72BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292466515.000002B9CFB38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DBF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000E.00000003.2277130999.000002B9C7421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000E.00000003.2277130999.000002B9C7421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000E.00000003.2255888361.000002B9C81D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255451509.000002B9C8280000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2137482157.000002B9C81D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298080308.000002B9C8281000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247763483.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207811226.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000E.00000003.2281831220.000002B9C68D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207754565.000002B9D15E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277620676.000002B9C72DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206901360.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291716023.000002B9D1887000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297667480.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284897933.000002B9D1882000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299643034.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2267363092.000002B9D1881000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271073865.000002B9C9924000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000000E.00000003.2212308122.000002B9C69A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000E.00000003.2137482157.000002B9C81A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000E.00000003.2284006471.000002B9C52D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
    Source: firefox.exe, 0000000E.00000003.2269342696.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 0000000E.00000003.2277130999.000002B9C7421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2290027423.000002B9CD44F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000E.00000003.2140143153.000002B9CD8BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000E.00000003.2272512837.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
    Source: firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
    Source: firefox.exe, 0000000E.00000003.2212978999.000002B9C4E9E000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2138284784.000002B9C8178000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000E.00000003.2250341638.000002B9CD9F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110319799.000002B9C588A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000E.00000003.2278130910.000002B9C7276000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2209237128.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2149470580.000002B9C75ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2233242575.000002B9C7509000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110319799.000002B9C588A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2278130910.000002B9C7276000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
    Source: firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2289736645.000002B9CD474000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
    Source: firefox.exe, 0000000E.00000003.2141100862.000002B9C701B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2142125265.000002B9C7013000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
    Source: firefox.exe, 0000000E.00000003.2281831220.000002B9C68D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2260244342.00001D33C6303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247763483.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207811226.000002B9D12E9000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.14.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
    Source: firefox.exe, 0000000E.00000003.2260244342.00001D33C6303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Z
    Source: firefox.exe, 0000000E.00000003.2281831220.000002B9C68D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DBF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000011.00000002.3324250603.0000018B9DAC7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/9j
    Source: firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/G
    Source: firefox.exe, 0000000E.00000003.2209237128.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288930411.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248789833.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269676287.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2251342185.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2293435642.000002B9CD7A3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136151874.000002B9CD78A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000E.00000003.2272512837.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000000E.00000003.2277130999.000002B9C7421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
    Source: firefox.exe, 0000000E.00000003.2260444563.000002BF6C303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000E.00000003.2140143153.000002B9CD8BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 00000012.00000002.3323782844.0000014F4DB0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000000E.00000003.2295830769.000002B9C8F67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256537716.000002B9C7EDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2289985417.000002B9CD472000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.14.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000012.00000002.3322060243.0000014F4D760000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.co
    Source: firefox.exe, 00000011.00000002.3321922488.0000018B9D7CA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323279991.0000014F4D840000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323279991.0000014F4D84A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3322060243.0000014F4D764000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 00000011.00000002.3321922488.0000018B9D7C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd(
    Source: firefox.exe, 0000000C.00000002.2093420423.0000024EE8A99000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2099323571.000001E15B649000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 00000010.00000002.3328165564.000002772AF84000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3323544538.000002772ABC0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3322909087.0000018B9D974000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3321922488.0000018B9D7C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323279991.0000014F4D840000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3322060243.0000014F4D764000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: firefox.exe, 00000010.00000002.3328165564.000002772AF80000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.co~
    Source: firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.comZ
    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
    Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
    Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
    Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
    Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
    Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
    Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
    Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
    Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
    Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
    Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
    Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
    Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49715 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49722 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49724 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49731 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49736 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49737 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49739 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49866 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49867 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.5:49868 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49877 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49876 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49878 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:49879 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:50028 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0052EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_0052ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0052EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0051AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00549576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_00549576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000002.2138247736.0000000000572000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_65cdce89-5
    Source: random.exe, 00000000.00000002.2138247736.0000000000572000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_a812ae48-f
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_23527b6c-a
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_42bf69bf-6
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F2DB7 NtQuerySystemInformation,17_2_0000018B9D9F2DB7
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F9332 NtQuerySystemInformation,17_2_0000018B9D9F9332
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0051D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00511201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00511201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0051E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004BBF400_2_004BBF40
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005220460_2_00522046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B80600_2_004B8060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005182980_2_00518298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004EE4FF0_2_004EE4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004E676B0_2_004E676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005448730_2_00544873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004BCAF00_2_004BCAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004DCAA00_2_004DCAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004CCC390_2_004CCC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004E6DD90_2_004E6DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004CB1190_2_004CB119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B91C00_2_004B91C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D13940_2_004D1394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D17060_2_004D1706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D781B0_2_004D781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004C997D0_2_004C997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B79200_2_004B7920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D19B00_2_004D19B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D7A4A0_2_004D7A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D1C770_2_004D1C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D7CA70_2_004D7CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0053BE440_2_0053BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004E9EEE0_2_004E9EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D1F320_2_004D1F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F2DB717_2_0000018B9D9F2DB7
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F933217_2_0000018B9D9F9332
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F9A5C17_2_0000018B9D9F9A5C
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F937217_2_0000018B9D9F9372
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004D0A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004CF9F2 appears 40 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004B9CB3 appears 31 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal80.troj.evad.winEXE@34/34@71/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005237B5 GetLastError,FormatMessageW,0_2_005237B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005110BF AdjustTokenPrivileges,CloseHandle,0_2_005110BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005116C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_005116C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005251CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_005251CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0051D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_0052648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B42A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_004B42A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6108:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4852:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3480:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3788:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6468:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000E.00000003.2207754565.000002B9D15E4000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000E.00000003.2208137385.000002B9D129F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2286110295.000002B9D12A6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeVirustotal: Detection: 26%
    Source: random.exeReversingLabs: Detection: 31%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2104 -prefMapHandle 2096 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2c1f52b-5438-4ca1-98f7-d2c76f772c26} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9b5670b10 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3008 -parentBuildID 20230927232528 -prefsHandle 2988 -prefMapHandle 3020 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0f3fc0-8d05-409b-831e-84e529f5bfeb} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9c7df5d10 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5124 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5076 -prefMapHandle 5072 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe98f088-833d-4ecb-aeac-9d8e65171bf6} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9ce493910 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2104 -prefMapHandle 2096 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2c1f52b-5438-4ca1-98f7-d2c76f772c26} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9b5670b10 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3008 -parentBuildID 20230927232528 -prefsHandle 2988 -prefMapHandle 3020 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0f3fc0-8d05-409b-831e-84e529f5bfeb} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9c7df5d10 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5124 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5076 -prefMapHandle 5072 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe98f088-833d-4ecb-aeac-9d8e65171bf6} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9ce493910 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000E.00000003.2226435091.000002B9C4EBB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2224531972.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8WinTypes.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xul.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mozglue.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dcomp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8dhcpcsvc6.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8softokn3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8twinapi.appcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8kernelbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2223141968.000002B9C9A01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8CoreMessaging.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: win32u.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8bcryptprimitives.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: firefox.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: imm32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8gkcodecs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8iphlpapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ExplorerFrame.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ole32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8CoreUIComponents.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8osclientcerts.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8cryptbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8cfgmgr32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msasn1.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: DWrite.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: combase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8iertutil.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8dhcpcsvc.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2225900721.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: nss3.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8webauthn.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Kernel.Appcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ColorAdapterClient.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8powrprof.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wsock32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8MMDevAPI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8oleaut32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8TextInputFramework.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2225900721.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2226435091.000002B9C4EBB000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: 8InputHost.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8ucrtbase.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8audioses.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Bcp47mrm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8netutils.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: shell32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8rasadhlp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Bcp47Langs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8msvcp_win.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8wtsapi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8taskschd.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2224531972.000002B9C4EB4000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: userenv.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.UI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8fwpuclnt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msimg32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2223141968.000002B9C9A01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: 8advapi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.Storage.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8OnDemandConnRouteHelper.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8netprofm.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: gdi32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: profapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.Globalization.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WLDP.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sechost.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8directmanipulation.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8setupapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: propsys.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8lgpllibs.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: 8gdi32full.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: version.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mscms.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: user32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8DataExchange.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: 8wintrust.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: psapi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8WindowManagementAPI.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntdll.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8npmproxy.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8linkinfo.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: 8Windows.UI.Immersive.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: crypt32.pdb source: firefox.exe, 0000000E.00000003.2206531124.000002B9D1CC1000.00000004.00000800.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_004B42DE
    Source: gmpopenh264.dll.tmp.14.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D0A76 push ecx; ret 0_2_004D0A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004CF98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_004CF98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00541C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_00541C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-95220
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F2DB7 rdtsc 17_2_0000018B9D9F2DB7
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Users\user\Desktop\random.exe TID: 2684Thread sleep count: 114 > 30Jump to behavior
    Source: C:\Users\user\Desktop\random.exe TID: 2684Thread sleep count: 116 > 30Jump to behavior
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0051DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004EC2A2 FindFirstFileExW,0_2_004EC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005268EE FindFirstFileW,FindClose,0_2_005268EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0052698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0051D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0051D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00529642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00529642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0052979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00529B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00529B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00525C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00525C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_004B42DE
    Source: random.exe, 00000000.00000003.2136489296.00000000019CC000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2136634362.00000000019D2000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2137334382.00000000019F2000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2136348982.00000000019C4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupHyper-V RAW
    Source: random.exe, 00000000.00000003.2136489296.0000000001A00000.00000004.00000020.00020000.00000000.sdmp, random.exe, 00000000.00000003.2137195752.0000000001A07000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWm|
    Source: firefox.exe, 00000010.00000002.3323544538.000002772ABF6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3328360761.0000018B9DFF0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3327931619.0000014F4DC00000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323279991.0000014F4D84A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000010.00000002.3328745889.000002772B01F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000011.00000002.3328360761.0000018B9DFF0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllL
    Source: firefox.exe, 00000010.00000002.3330082709.000002772B100000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllyV
    Source: firefox.exe, 00000010.00000002.3323544538.000002772ABCA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
    Source: firefox.exe, 00000011.00000002.3321922488.0000018B9D7CA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000010.00000002.3330082709.000002772B100000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3328360761.0000018B9DFF0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000018B9D9F2DB7 rdtsc 17_2_0000018B9D9F2DB7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0052EAA2 BlockInput,0_2_0052EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004E2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_004E2622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_004B42DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D4CE8 mov eax, dword ptr fs:[00000030h]0_2_004D4CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00510B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00510B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004E2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_004E2622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_004D083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D09D5 SetUnhandledExceptionFilter,0_2_004D09D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D0C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_004D0C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00511201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00511201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004F2BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_004F2BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0051B226 SendInput,keybd_event,0_2_0051B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005322DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_005322DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00510B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00510B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00511663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00511663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004D0698 cpuid 0_2_004D0698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0050D21C GetLocalTime,0_2_0050D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0050D27A GetUserNameW,0_2_0050D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004EB952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_004EB952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_004B42DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 1088, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 1088, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00531204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00531204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00531806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00531806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager2
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials11
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job11
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1610232 Sample: random.exe Startdate: 08/02/2025 Architecture: WINDOWS Score: 80 45 youtube.com 2->45 47 youtube-ui.l.google.com 2->47 49 38 other IPs or domains 2->49 57 Antivirus / Scanner detection for submitted sample 2->57 59 Multi AV Scanner detection for submitted file 2->59 61 Yara detected Credential Flusher 2->61 63 3 other signatures 2->63 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        signatures3 process4 signatures5 65 Binary is likely a compiled AutoIt script file 8->65 67 Found API chain indicative of sandbox detection 8->67 13 taskkill.exe 1 8->13         started        15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        23 3 other processes 8->23 19 firefox.exe 3 216 11->19         started        process6 dnsIp7 25 conhost.exe 13->25         started        27 conhost.exe 15->27         started        29 conhost.exe 17->29         started        51 youtube.com 142.250.185.238, 443, 49711, 49712 GOOGLEUS United States 19->51 53 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49713, 49719, 49721 GOOGLEUS United States 19->53 55 12 other IPs or domains 19->55 41 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 19->41 dropped 43 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 19->43 dropped 31 firefox.exe 1 19->31         started        33 firefox.exe 1 19->33         started        35 firefox.exe 1 19->35         started        37 conhost.exe 23->37         started        39 conhost.exe 23->39         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe27%VirustotalBrowse
    random.exe32%ReversingLabsWin32.Trojan.Generic
    random.exe100%AviraTR/ATRAPS.Gen
    random.exe100%Joe Sandbox ML

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://youtube.comZ0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		96.7.128.186
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.0.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.1
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		52.35.152.253
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.1.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		142.250.185.238
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.56
                              		truefalse
                                		high
                                youtube-ui.l.google.com
                                		142.250.181.238
                                		truefalse
                                  		high
                                  us-west1.prod.sumo.prod.webservices.mozgcp.net
                                  		34.149.128.2
                                  		truefalse
                                    		high
                                    reddit.map.fastly.net
                                    		151.101.65.140
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.171
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://youtube.comZfirefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                            		high
                                                                            https://datastudio.google.com/embed/reporting/firefox.exe, 0000000E.00000003.2168044034.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248304420.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271882134.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2249719860.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269342696.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://www.mozilla.com0gmpopenh264.dll.tmp.14.drfalse
                                                                                		high
                                                                                https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                    		high
                                                                                    https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000012.00000002.3323782844.0000014F4DB8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://spocs.getpocket.com/spocsfirefox.exe, 0000000E.00000003.2287516492.000002B9CDA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277805252.000002B9C72BD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://screenshots.firefox.comfirefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://shavar.services.mozilla.comfirefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://completion.amazon.com/search/complete?q=firefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110319799.000002B9C588A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000E.00000003.2277663498.000002B9C72D3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000E.00000003.2286153995.000002B9D1272000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://monitor.firefox.com/breach-details/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000E.00000003.2251342185.000002B9CD7EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://profiler.firefox.com/firefox.exe, 0000000E.00000003.2284235434.000002B9C527E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://www.msn.comfirefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://mozilla.org/0firefox.exe, 0000000E.00000003.2260668527.0000274B04503000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2260907514.00002E813E203000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000E.00000003.2109938051.000002B9C5838000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110200127.000002B9C586F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2110074844.000002B9C5853000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109799212.000002B9C581D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2109639574.000002B9C5600000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://youtube.com/firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210660385.000002B9CD43B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136467326.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2256537716.000002B9C7EDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2289985417.000002B9CD472000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://content-signature-2.cdn.mozilla.net/firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000E.00000003.2283804385.000002B9C5540000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://api.accounts.firefox.com/v1firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://www.amazon.com/firefox.exe, 0000000E.00000003.2272512837.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://fpn.firefox.comfirefox.exe, 0000000E.00000003.2284006471.000002B9C52D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2firefox.exe, 0000000E.00000003.2255451509.000002B9C82B8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.youtube.com/firefox.exe, 00000012.00000002.3323782844.0000014F4DB0C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000012.00000002.3323782844.0000014F4DBC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://127.0.0.1:firefox.exe, 0000000E.00000003.2283504782.000002B9C5689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000E.00000003.2167652389.000002B9C6C38000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000E.00000003.2146161006.000002B9C738D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://bugzilla.mofirefox.exe, 0000000E.00000003.2292907767.000002B9CE4AD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://mitmdetection.services.mozilla.com/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000E.00000003.2277130999.000002B9C7421000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://youtube.com/account?=recovery.jsonlz4.tmp.14.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://shavar.services.mozilla.com/firefox.exe, 0000000E.00000003.2249719860.000002B9CF445000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBLfirefox.exe, 0000000E.00000003.2248544919.000002B9CDAC0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&reffirefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477firefox.exe, 00000010.00000002.3324217178.000002772AEC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DAEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3328171118.0000014F4DD03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://spocs.getpocket.com/firefox.exe, 0000000E.00000003.2287516492.000002B9CDA51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2292551599.000002B9CFB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294484359.000002B9CD43E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3324250603.0000018B9DA12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000012.00000002.3323782844.0000014F4DB13000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://youtube.com/account?=https://accounts.google.cofirefox.exe, 00000012.00000002.3322060243.0000014F4D760000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://merino.services.mozilla.com/api/v1/suggestaboutfirefox.exe, 00000010.00000002.3324217178.000002772AE72000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000E.00000003.2136467326.000002B9CD4FE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiprefs-1.js.14.drfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://www.inbox.lv/rfc2368/?value=%sufirefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://monitor.firefox.com/user/dashboardfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://monitor.firefox.com/aboutfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://mozilla.org/MPL/2.0/.firefox.exe, 0000000E.00000003.2255979157.000002B9C7FA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2138368545.000002B9C7FD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2221557547.000002B9C73F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2118000883.000002B9C5CD0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283804385.000002B9C5554000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2252649966.000002B9C8F35000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210660385.000002B9CD4A4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2229000013.000002B9C77D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2219269445.000002B9CD523000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2300699477.000002B9C7EBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212871607.000002B9C77D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2236249305.000002B9CD593000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283345129.000002B9C5B9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210807383.000002B9C71DA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211163917.000002B9CD40E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115996169.000002B9C5CFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2255979157.000002B9C7FD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2248304420.000002B9CF4B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115569027.000002B9C5CFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2133632867.000002B9CD599000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2206510376.000002B9C5CE0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://account.bellmedia.cfirefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://login.microsoftonline.comfirefox.exe, 0000000E.00000003.2254595021.000002B9C8E82000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://coverage.mozilla.orgfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.14.drfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://x1.c.lencr.org/0firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        http://x1.i.lencr.org/0firefox.exe, 0000000E.00000003.2208419241.000002B9CFB4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2210020084.000002B9CD693000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000E.00000003.2279630492.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2250341638.000002B9CD9E2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000E.00000003.2219269445.000002B9CD546000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://blocked.cdn.mozilla.net/firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000E.00000003.2287516492.000002B9CDA29000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000E.00000003.2293926090.000002B9CD634000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://duckduckgo.com/?t=ffab&q=firefox.exe, 0000000E.00000003.2210660385.000002B9CD49C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://profiler.firefox.comfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://identity.mozilla.com/apps/relayfirefox.exe, 0000000E.00000003.2256765906.000002B9C76CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279204182.000002B9C76DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000E.00000003.2137482157.000002B9C81A6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://bugzilla.mozilla.org/show_bug.cgi?id=1678448firefox.exe, 0000000E.00000003.2168044034.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167652389.000002B9C6C41000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://mail.yahoo.co.jp/compose/?To=%sfirefox.exe, 0000000E.00000003.2284006471.000002B9C52C2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2238746452.000002B9C513B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2216043245.000002B9C511D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211697404.000002B9C5473000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/firefox.exe, 0000000E.00000003.2292066550.000002B9D1224000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://contile.services.mozilla.com/v1/tilesfirefox.exe, 0000000E.00000003.2293389196.000002B9CD7C4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3327968700.000002772AF00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3323226332.0000018B9D980000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000012.00000002.3323115716.0000014F4D7C0000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/firefox.exe, 0000000E.00000003.2206531124.000002B9D1CE8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            		high

                                                                                                                                                                                                                                                                            World Map of Contacted IPs

                                                                                                                                                                                                                                                                            • No. of IPs < 25%
                                                                                                                                                                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                            • 75% < No. of IPs

                                                                                                                                                                                                                                                                            Public IPs

                                                                                                                                                                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                            151.101.1.91
                                                                                                                                                                                                                                                                            		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                            2.22.61.56
                                                                                                                                                                                                                                                                            		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                            34.149.100.209
                                                                                                                                                                                                                                                                            		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.107.243.93
                                                                                                                                                                                                                                                                            		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            142.250.185.238
                                                                                                                                                                                                                                                                            		youtube.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.107.221.82
                                                                                                                                                                                                                                                                            		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            52.35.152.253
                                                                                                                                                                                                                                                                            		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                            35.244.181.201
                                                                                                                                                                                                                                                                            		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.49.51.44
                                                                                                                                                                                                                                                                            		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.117.188.166
                                                                                                                                                                                                                                                                            		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                            35.190.72.216
                                                                                                                                                                                                                                                                            		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                            34.160.144.191
                                                                                                                                                                                                                                                                            		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                            34.120.208.123
                                                                                                                                                                                                                                                                            		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                            Private

                                                                                                                                                                                                                                                                            IP
                                                                                                                                                                                                                                                                            127.0.0.1

                                                                                                                                                                                                                                                                            General Information

                                                                                                                                                                                                                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                            Analysis ID:1610232
                                                                                                                                                                                                                                                                            Start date and time:2025-02-08 20:27:13 +01:00
                                                                                                                                                                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                            Overall analysis duration:0h 7m 6s
                                                                                                                                                                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                            Report type:full
                                                                                                                                                                                                                                                                            Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                            Number of analysed new started processes analysed:21
                                                                                                                                                                                                                                                                            Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                            Number of existing processes analysed:0
                                                                                                                                                                                                                                                                            Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                            Number of injected processes analysed:0
                                                                                                                                                                                                                                                                            Technologies:
                                                                                                                                                                                                                                                                            • HCA enabled
                                                                                                                                                                                                                                                                            • EGA enabled
                                                                                                                                                                                                                                                                            • AMSI enabled
                                                                                                                                                                                                                                                                            Analysis Mode:default
                                                                                                                                                                                                                                                                            Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                            Sample name:random.exe
                                                                                                                                                                                                                                                                            Detection:MAL
                                                                                                                                                                                                                                                                            Classification:mal80.troj.evad.winEXE@34/34@71/14
                                                                                                                                                                                                                                                                            EGA Information:
                                                                                                                                                                                                                                                                            • Successful, ratio: 40%
                                                                                                                                                                                                                                                                            HCA Information:
                                                                                                                                                                                                                                                                            • Successful, ratio: 95%
                                                                                                                                                                                                                                                                            • Number of executed functions: 51
                                                                                                                                                                                                                                                                            • Number of non-executed functions: 286
                                                                                                                                                                                                                                                                            Cookbook Comments:
                                                                                                                                                                                                                                                                            • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                            Warnings

                                                                                                                                                                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                                                                            • Excluded IPs from analysis (whitelisted): 172.217.23.110, 142.250.185.106, 142.250.184.234, 142.250.185.110, 184.28.90.27, 13.107.246.45, 20.109.210.53, 4.245.163.56
                                                                                                                                                                                                                                                                            • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, ocsp.digicert.com, redirector.gvt1.com, otelrules.azureedge.net, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, safebrowsing.googleapis.com, aus5.mozilla.org, location.services.mozilla.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                                                                            • Execution Graph export aborted for target firefox.exe, PID 1396 because there are no executed function
                                                                                                                                                                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                            • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                            Simulations

                                                                                                                                                                                                                                                                            Behavior and APIs

                                                                                                                                                                                                                                                                            TimeTypeDescription
                                                                                                                                                                                                                                                                            14:28:16API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                                            Joe Sandbox View / Context

                                                                                                                                                                                                                                                                            IPs

                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                            151.101.1.91https://mailtrack.io/l/f417f9a1ba0740bbe0f8b9fcdcdd50bf6dcca2afGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                              https://alexandrameadows.com/paypay-loginGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                phish_alert_iocp_v1.4.48 (38).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                  https://exclusivasarteca.com/paypay-loginGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    https://jarqiull.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      http://coinbasewalletus.wixsite.com/coiinbasewaletsignupGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        https://enchanted-bony-card.glitch.me/log.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          http://freeweeklygiveaways.wixsite.com/airdropsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            https://nebulous-dawn-bard.glitch.me/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              http://metamaskvip.wixsite.com/airdropsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                2.22.61.56random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                                34.149.100.209random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                    c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                      4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                    Domains

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    example.orgrandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.133
                                                                                                                                                                                                                                                                                                                    HEnpMb8iZs.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, Healer AV Disabler, KeyLogger, LummaC Stealer, Stealc, StormKittyBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.192
                                                                                                                                                                                                                                                                                                                    4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.192
                                                                                                                                                                                                                                                                                                                    fimA8mhs11.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.192
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 96.7.128.192
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.132
                                                                                                                                                                                                                                                                                                                    0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                    • 23.215.0.133
                                                                                                                                                                                                                                                                                                                    twitter.comrandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 104.244.42.129
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 104.244.42.1
                                                                                                                                                                                                                                                                                                                    star-mini.c10r.facebook.comhttp://metmskextnsion.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.252.35
                                                                                                                                                                                                                                                                                                                    https://loguin--kucuin.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.252.35
                                                                                                                                                                                                                                                                                                                    https://polo.feathr.co/view_email?cpn_id=67a0f09e35e91883eb109c21&t_id=67a0f09e35e91883eb109c22&per_id=679a8bd3bce6fb5dbc9be64fGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.252.35
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.252.35
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    https://saber-mercurial-tang.glitch.me/ONENOTE.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35
                                                                                                                                                                                                                                                                                                                    https://www.flugger.pl/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35
                                                                                                                                                                                                                                                                                                                    https://wp-cdn.top/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.253.35
                                                                                                                                                                                                                                                                                                                    FiddlerSetup.5.0.20251.1171-latest.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.251.35
                                                                                                                                                                                                                                                                                                                    https://www.meintercept.com/5MX46D/XQW2DT/?uid=14026&sub1=gretchen_rubin&sub2=newsletter&sub3=01_31_2025Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 157.240.0.35

                                                                                                                                                                                                                                                                                                                    ASNs

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    FASTLYUSl4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.108.133
                                                                                                                                                                                                                                                                                                                    filw.exeGet hashmaliciousStealeriumBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.108.133
                                                                                                                                                                                                                                                                                                                    main.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.108.133
                                                                                                                                                                                                                                                                                                                    europe.exeGet hashmaliciousLummaC, GO Backdoor, LummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.108.133
                                                                                                                                                                                                                                                                                                                    https://docs.google.com/drawings/d/1jMxa3xnHDyQJ5_Ou8skqyuRslhdmGmULR5h7goJFaB0/previewGet hashmaliciousGRQ ScamBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.194.208
                                                                                                                                                                                                                                                                                                                    https://github.com/Berusol/Xeno-Executor/releases/download/Setup/Xeno.Roblox.rarGet hashmaliciousLummaC Stealer, PureLog Stealer, Xmrig, zgRATBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.109.133
                                                                                                                                                                                                                                                                                                                    https://hdtodaytv.picsGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.1.229
                                                                                                                                                                                                                                                                                                                    https://docs-trzor-cdn-suite.weebly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.129.46
                                                                                                                                                                                                                                                                                                                    https://trezzor-suiteapp.github.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 185.199.108.153
                                                                                                                                                                                                                                                                                                                    http://f9ffbe30-9ed1-4ee5-989b-efe75841acd7-00-3p9n3xujzx1f7.riker.replit.dev/english.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 151.101.66.137
                                                                                                                                                                                                                                                                                                                    AKAMAI-ASN1EUfilw.exeGet hashmaliciousStealeriumBrowse
                                                                                                                                                                                                                                                                                                                    • 23.209.72.17
                                                                                                                                                                                                                                                                                                                    Setup.exeGet hashmaliciousPureLog Stealer, Vidar, zgRATBrowse
                                                                                                                                                                                                                                                                                                                    • 2.16.164.33
                                                                                                                                                                                                                                                                                                                    https://hdtodaytv.picsGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 2.21.65.153
                                                                                                                                                                                                                                                                                                                    http://upholdin.godaddysites.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 2.19.96.178
                                                                                                                                                                                                                                                                                                                    https://sso-uphold--com-cdn--y-auth.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 72.247.154.208
                                                                                                                                                                                                                                                                                                                    https://m-uphold-com-ccdn-auths.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 2.16.100.98
                                                                                                                                                                                                                                                                                                                    250205-kc4a9aznbq_pw_infected.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 23.199.50.77
                                                                                                                                                                                                                                                                                                                    f_0139eeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 95.101.149.233
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 2.22.61.59
                                                                                                                                                                                                                                                                                                                    1VB7gm8.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                    • 23.55.235.186
                                                                                                                                                                                                                                                                                                                    ATGS-MMD-ASUSb1.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 48.245.3.211
                                                                                                                                                                                                                                                                                                                    https://hdtodaytv.picsGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    • 57.129.39.243
                                                                                                                                                                                                                                                                                                                    http://f9ffbe30-9ed1-4ee5-989b-efe75841acd7-00-3p9n3xujzx1f7.riker.replit.dev/english.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.173.153.191
                                                                                                                                                                                                                                                                                                                    f_0139eeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 57.129.39.243
                                                                                                                                                                                                                                                                                                                    BJKzw4jO7c.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                    • 57.129.59.27
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    8BU0MOmoNl.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                    • 57.129.59.27
                                                                                                                                                                                                                                                                                                                    jWkZpyQSo3.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                    • 34.149.87.45
                                                                                                                                                                                                                                                                                                                    http://ollama.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    • 34.36.133.15

                                                                                                                                                                                                                                                                                                                    JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91
                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    • 35.244.181.201
                                                                                                                                                                                                                                                                                                                    • 34.149.100.209
                                                                                                                                                                                                                                                                                                                    • 34.160.144.191
                                                                                                                                                                                                                                                                                                                    • 34.120.208.123
                                                                                                                                                                                                                                                                                                                    • 151.101.1.91

                                                                                                                                                                                                                                                                                                                    Dropped Files

                                                                                                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_ae61a548-a1d4-425f-99b5-5f79c0b90fcc.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.172716421570281
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:G68KMXc+xtbhbVbTbfbRbObtbyEl7n8rOJA6wnSrDtTkd/Sfs:GJP5tNhnzFSJcrtjnSrDhkd/h
                                                                                                                                                                                                                                                                                                                                        MD5:0B009B5B9A7639DEEA5FD0578D8877F7
                                                                                                                                                                                                                                                                                                                                        SHA1:41755800C4BAED50D28074D1B3BDE6ECAA51EE65
                                                                                                                                                                                                                                                                                                                                        SHA-256:723C3013A3B0CEF564B61C0643FCBDF290F201AA00E4620FAF2C6762352C6713
                                                                                                                                                                                                                                                                                                                                        SHA-512:00ABCECFB180892BBC7159D68D84C93021D4EF86BE998971449920D2036CCDF52B448928EDB7A1AB9A3F3FED8B241833DBFC597984E0EE0BC777616D66F369BE
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"type":"uninstall","id":"ae61a548-a1d4-425f-99b5-5f79c0b90fcc","creationDate":"2025-02-08T21:21:28.372Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_ae61a548-a1d4-425f-99b5-5f79c0b90fcc.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.172716421570281
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:G68KMXc+xtbhbVbTbfbRbObtbyEl7n8rOJA6wnSrDtTkd/Sfs:GJP5tNhnzFSJcrtjnSrDhkd/h
                                                                                                                                                                                                                                                                                                                                        MD5:0B009B5B9A7639DEEA5FD0578D8877F7
                                                                                                                                                                                                                                                                                                                                        SHA1:41755800C4BAED50D28074D1B3BDE6ECAA51EE65
                                                                                                                                                                                                                                                                                                                                        SHA-256:723C3013A3B0CEF564B61C0643FCBDF290F201AA00E4620FAF2C6762352C6713
                                                                                                                                                                                                                                                                                                                                        SHA-512:00ABCECFB180892BBC7159D68D84C93021D4EF86BE998971449920D2036CCDF52B448928EDB7A1AB9A3F3FED8B241833DBFC597984E0EE0BC777616D66F369BE
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"type":"uninstall","id":"ae61a548-a1d4-425f-99b5-5f79c0b90fcc","creationDate":"2025-02-08T21:21:28.372Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                        MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                        SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                        SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                        SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                        MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                        SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                        SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                        SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.924250529726958
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakNDy9XbxE:8S+OVPUFRbOdwNIOdYpjvY1Q6LMyF8P
                                                                                                                                                                                                                                                                                                                                        MD5:25A75E811E6C84D318E7E2D7911576B0
                                                                                                                                                                                                                                                                                                                                        SHA1:EFB05C44D443DC2C64077871E54ED8F8E4A4AAEB
                                                                                                                                                                                                                                                                                                                                        SHA-256:42956FEB510923F3A185C9C806D50FE31E96EB159166693079AC1B669A6F9634
                                                                                                                                                                                                                                                                                                                                        SHA-512:F9B250300187404B216B0A5789609298F4349FBBA9838490D25577E76D9FB9C1C8896879B349A3393564B769EEA49484424883A272D91988CE382E61C5C805C3
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.924250529726958
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakNDy9XbxE:8S+OVPUFRbOdwNIOdYpjvY1Q6LMyF8P
                                                                                                                                                                                                                                                                                                                                        MD5:25A75E811E6C84D318E7E2D7911576B0
                                                                                                                                                                                                                                                                                                                                        SHA1:EFB05C44D443DC2C64077871E54ED8F8E4A4AAEB
                                                                                                                                                                                                                                                                                                                                        SHA-256:42956FEB510923F3A185C9C806D50FE31E96EB159166693079AC1B669A6F9634
                                                                                                                                                                                                                                                                                                                                        SHA-512:F9B250300187404B216B0A5789609298F4349FBBA9838490D25577E76D9FB9C1C8896879B349A3393564B769EEA49484424883A272D91988CE382E61C5C805C3
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                        MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                        SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                        SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                        SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                        MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                        SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                        SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                        SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                        MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                        SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                        SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                        SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                        MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                        SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                        SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                        SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                        MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                        SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                        SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                        SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):66
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                        MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                        SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                        SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                        SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):66
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                        MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                        SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                        SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                        SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                        MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                        SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                        SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                        SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                        MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                        SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                        SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                        SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                        MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                        SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                        SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                        SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                        MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                        SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                        SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                        SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):116
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                        MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                        SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                        SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                        SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):116
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                        MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                        SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                        SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                        SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.07333858257979299
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zki:DLhesh7Owd4+ji
                                                                                                                                                                                                                                                                                                                                        MD5:668C6DCBF387315B7511643718CD4C3C
                                                                                                                                                                                                                                                                                                                                        SHA1:42BCEE038EDDE804AFDF6088334BF009B7D30055
                                                                                                                                                                                                                                                                                                                                        SHA-256:F4D104FBF32ED71A9D7B2C10C7EB757A34B6BDD2540525C9ED085C1A403F7CFE
                                                                                                                                                                                                                                                                                                                                        SHA-512:6B80A009D4E7407286663722AC1FFD140D1C02B2E10BD0EEF0A0028C801B8C6CA97A918BEC285FEF99104DD43821AE56425AC9851CB8FB7CD05D09F2531B2CB8
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.03547963191936293
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:GtlstFw6x/q0F6YlstFw6x/q0Fw//T89//alEl:GtWty6o0ZWty6o0eL89XuM
                                                                                                                                                                                                                                                                                                                                        MD5:6E93A4DECB52D8BDB004E9E80E3AE595
                                                                                                                                                                                                                                                                                                                                        SHA1:5AF7B58F73B8971A349E5E27AB5D30889C1B69FC
                                                                                                                                                                                                                                                                                                                                        SHA-256:BDDEFBF2A1C3183E5C5864B3A124C33F6C04750F95477D5E659EEF57A9E6AC4E
                                                                                                                                                                                                                                                                                                                                        SHA-512:EBFF039E9F6DC51511A09F3CD1781E83F543E73F43F888E2847C1689608B0A0E5105B0C42BA5BBD209BCF7159A2F87ECF8CA6DA3587C57D84C286BB56FCC4151
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:..-.....................'.)...+.u..".Uw....[.e.}..-.....................'.)...+.u..".Uw....[.e.}........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32824
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04001911727921433
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Ol1BS7X/ofQMTKTxvltl8rEXsxdwhml8XW3R2:KTS7X/sK3tl8dMhm93w
                                                                                                                                                                                                                                                                                                                                        MD5:6C677732A24A12056E19452A71FFB056
                                                                                                                                                                                                                                                                                                                                        SHA1:39DE6C31FBE7FB14977605502D512EE13B22521B
                                                                                                                                                                                                                                                                                                                                        SHA-256:9E2806AC6D0D484C79CB9B185A85FFD501FCCDC18C15EAD5A3EE4B695E5D602F
                                                                                                                                                                                                                                                                                                                                        SHA-512:692A6829ACB0EE6EB0807830281CF7A1A2EB304E79FA2142CE907CEC2344FF852F0733BD88953766DE3C791D17DBECFCB7F71D9472CABB91B5B2CF7BDE0B72E6
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:7....-..........u..".Uw...............u..".Uw..).'.+..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                                        Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.478665308386579
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:fnPOeRnLYbBp6wJ0aX+26SEXKA1NMq45RHWNBw8sRSl:XDepJUN1/2HEwX0
                                                                                                                                                                                                                                                                                                                                        MD5:A65187945D05D9F6BC9EE1F3751FBDEE
                                                                                                                                                                                                                                                                                                                                        SHA1:A2E0ED545B56485B2FD26E1020FEF87CC61BA374
                                                                                                                                                                                                                                                                                                                                        SHA-256:009D978234A8CC7B594C3DB34E87F9292E8FEABA4D42768F50938DF2F63EBC5A
                                                                                                                                                                                                                                                                                                                                        SHA-512:CD011DC376ECD8765C33A5C26941126759EECEC14B0FB519AA3FCB5E3D9AF87930BE6B83E2D60B8BBF6C42E349AADB63CA56DD817675164DFBDCF057367252BA
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739049658);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739049658);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739049658);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173904

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.478665308386579
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:fnPOeRnLYbBp6wJ0aX+26SEXKA1NMq45RHWNBw8sRSl:XDepJUN1/2HEwX0
                                                                                                                                                                                                                                                                                                                                        MD5:A65187945D05D9F6BC9EE1F3751FBDEE
                                                                                                                                                                                                                                                                                                                                        SHA1:A2E0ED545B56485B2FD26E1020FEF87CC61BA374
                                                                                                                                                                                                                                                                                                                                        SHA-256:009D978234A8CC7B594C3DB34E87F9292E8FEABA4D42768F50938DF2F63EBC5A
                                                                                                                                                                                                                                                                                                                                        SHA-512:CD011DC376ECD8765C33A5C26941126759EECEC14B0FB519AA3FCB5E3D9AF87930BE6B83E2D60B8BBF6C42E349AADB63CA56DD817675164DFBDCF057367252BA
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739049658);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739049658);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739049658);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173904

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                        MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                        SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                        SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                        SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):90
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                        MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                        SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                        SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                        SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):90
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                        MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                        SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                        SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                        SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1566
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.336947843347917
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:v+USUGlcAxSTgLXnIrW/pnxQwRSy4T5sKmgb0K3eHVpjO+SamhujJwO2c0TiVm0I:GUpOxV/nRSjegp3erjxS4Jwc3zBt4
                                                                                                                                                                                                                                                                                                                                        MD5:4A6DAF8CB58D71E7B9728193ABF3550C
                                                                                                                                                                                                                                                                                                                                        SHA1:30CB4669BC3ED335BEC7D483C9A326A2DDF49891
                                                                                                                                                                                                                                                                                                                                        SHA-256:F568F04F312DBD99EAAE1C1CCDD4DF38C554656002CC082A87A0B40E33B94E4A
                                                                                                                                                                                                                                                                                                                                        SHA-512:9E90A39F6992AF70CA80DD692111189C730CBCD9B3CEC6467388EE366F873FD79303632E3C728B3BFDE49876F9A56C17F5691360918EB6DB11EA3855A4CD1F66
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{56c49681-7ca3-46a4-9d7c-ee0d526bf95f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739049662677,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t..(Flags":2150633470,"width":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...8,"startTim..P28263...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...34274,"originA...."f

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1566
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.336947843347917
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:v+USUGlcAxSTgLXnIrW/pnxQwRSy4T5sKmgb0K3eHVpjO+SamhujJwO2c0TiVm0I:GUpOxV/nRSjegp3erjxS4Jwc3zBt4
                                                                                                                                                                                                                                                                                                                                        MD5:4A6DAF8CB58D71E7B9728193ABF3550C
                                                                                                                                                                                                                                                                                                                                        SHA1:30CB4669BC3ED335BEC7D483C9A326A2DDF49891
                                                                                                                                                                                                                                                                                                                                        SHA-256:F568F04F312DBD99EAAE1C1CCDD4DF38C554656002CC082A87A0B40E33B94E4A
                                                                                                                                                                                                                                                                                                                                        SHA-512:9E90A39F6992AF70CA80DD692111189C730CBCD9B3CEC6467388EE366F873FD79303632E3C728B3BFDE49876F9A56C17F5691360918EB6DB11EA3855A4CD1F66
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{56c49681-7ca3-46a4-9d7c-ee0d526bf95f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739049662677,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t..(Flags":2150633470,"width":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...8,"startTim..P28263...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...34274,"originA...."f

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1566
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.336947843347917
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:v+USUGlcAxSTgLXnIrW/pnxQwRSy4T5sKmgb0K3eHVpjO+SamhujJwO2c0TiVm0I:GUpOxV/nRSjegp3erjxS4Jwc3zBt4
                                                                                                                                                                                                                                                                                                                                        MD5:4A6DAF8CB58D71E7B9728193ABF3550C
                                                                                                                                                                                                                                                                                                                                        SHA1:30CB4669BC3ED335BEC7D483C9A326A2DDF49891
                                                                                                                                                                                                                                                                                                                                        SHA-256:F568F04F312DBD99EAAE1C1CCDD4DF38C554656002CC082A87A0B40E33B94E4A
                                                                                                                                                                                                                                                                                                                                        SHA-512:9E90A39F6992AF70CA80DD692111189C730CBCD9B3CEC6467388EE366F873FD79303632E3C728B3BFDE49876F9A56C17F5691360918EB6DB11EA3855A4CD1F66
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{56c49681-7ca3-46a4-9d7c-ee0d526bf95f}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739049662677,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t..(Flags":2150633470,"width":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate...8,"startTim..P28263...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...34274,"originA...."f

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                        MD5:8B40B1534FF0F4B533AF767EB5639A05
                                                                                                                                                                                                                                                                                                                                        SHA1:63EDB539EA39AD09D701A36B535C4C087AE08CC9
                                                                                                                                                                                                                                                                                                                                        SHA-256:AF275A19A5C2C682139266065D90C237282274D11C5619A121B7BDBDB252861B
                                                                                                                                                                                                                                                                                                                                        SHA-512:54AF707698CED33C206B1B193DA414D630901762E88E37E99885A50D4D5F8DDC28367C9B401DFE251CF0552B4FA446EE28F78A97C9096AFB0F2898BFBB673B53
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.029843474974554
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:yctMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:ATEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                        MD5:00685366F8A78F4C36FE2FFF0780B37F
                                                                                                                                                                                                                                                                                                                                        SHA1:CB81790113A2E8CB3278693BEBBFFB149A69F52A
                                                                                                                                                                                                                                                                                                                                        SHA-256:245A5E4C70E7C3564324DDAAB6995299984C059A6996A40310BA2C783D92F52E
                                                                                                                                                                                                                                                                                                                                        SHA-512:D2E2833456CCA07612E5BBEF188EF0489BC6A19A2231D756A79A01B8F37353765EFA684D3C644F39E95D88B9D1F754B0D3D788A7F5C7F0472BB45DD67FEFA9C7
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-08T21:20:44.167Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.029843474974554
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:yctMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:ATEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                        MD5:00685366F8A78F4C36FE2FFF0780B37F
                                                                                                                                                                                                                                                                                                                                        SHA1:CB81790113A2E8CB3278693BEBBFFB149A69F52A
                                                                                                                                                                                                                                                                                                                                        SHA-256:245A5E4C70E7C3564324DDAAB6995299984C059A6996A40310BA2C783D92F52E
                                                                                                                                                                                                                                                                                                                                        SHA-512:D2E2833456CCA07612E5BBEF188EF0489BC6A19A2231D756A79A01B8F37353765EFA684D3C644F39E95D88B9D1F754B0D3D788A7F5C7F0472BB45DD67FEFA9C7
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-08T21:20:44.167Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.699562525078069
                                                                                                                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                                                                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                        File name:random.exe
                                                                                                                                                                                                                                                                                                                                        File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                        MD5:4cb7f8d6d02d0a8b31c24b632532f3b5
                                                                                                                                                                                                                                                                                                                                        SHA1:d94a1c2c7f1ee270ba2854cddcf4da106023ec67
                                                                                                                                                                                                                                                                                                                                        SHA256:c56deb44762dfe55715e5b2dcdd26c83ace4db66b0d6ea9b3dfb161013b6be4e
                                                                                                                                                                                                                                                                                                                                        SHA512:b82a1d703302883c109d8cca7e301fd1917d208df263adb1390e274cc7779615cbdd3bd26ea7f5c0afb40d9113df129566dfae357b393872e2132e0a51428a8d
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:uqDEvCTbMWu7rQYlBQcBiT6rprG8a2YWuR:uTvC/MTQYxsWR7a2R
                                                                                                                                                                                                                                                                                                                                        TLSH:82259E027391C062FF9B92334F5AF6515BBC69260123E61F13A81DB9BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                        File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                                                                                                                        Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                        Static PE Info

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                        Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                        Digitally signed:false
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                        Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                        DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                        Time Stamp:0x67A7A953 [Sat Feb 8 18:58:27 2025 UTC]
                                                                                                                                                                                                                                                                                                                                        TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                        CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                        OS Version Major:5
                                                                                                                                                                                                                                                                                                                                        OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                        File Version Major:5
                                                                                                                                                                                                                                                                                                                                        File Version Minor:1
                                                                                                                                                                                                                                                                                                                                        Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                        Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                        Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                        Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                        Instruction
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E561B3h
                                                                                                                                                                                                                                                                                                                                        jmp 00007F2608E55ABFh
                                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                                        push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E55C9Dh
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                        mov eax, ecx
                                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                                        push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E55C6Ah
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                        mov eax, ecx
                                                                                                                                                                                                                                                                                                                                        and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                        and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                        and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                                        mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                        add eax, 04h
                                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E5885Dh
                                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                                        mov eax, esi
                                                                                                                                                                                                                                                                                                                                        pop esi
                                                                                                                                                                                                                                                                                                                                        pop ebp
                                                                                                                                                                                                                                                                                                                                        retn 0004h
                                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E588A8h
                                                                                                                                                                                                                                                                                                                                        pop ecx
                                                                                                                                                                                                                                                                                                                                        ret
                                                                                                                                                                                                                                                                                                                                        push ebp
                                                                                                                                                                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                                                                                                                                                                        push esi
                                                                                                                                                                                                                                                                                                                                        mov esi, ecx
                                                                                                                                                                                                                                                                                                                                        lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                        mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                        push eax
                                                                                                                                                                                                                                                                                                                                        call 00007F2608E58891h
                                                                                                                                                                                                                                                                                                                                        test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                        pop ecx

                                                                                                                                                                                                                                                                                                                                        Rich Headers

                                                                                                                                                                                                                                                                                                                                        Programming Language:
                                                                                                                                                                                                                                                                                                                                        • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                        • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                        Data Directories

                                                                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x15de4.rsrc
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                        Sections

                                                                                                                                                                                                                                                                                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                        .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                        .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                        .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                        .rsrc0xd40000x15de40x15e008a8b9db295c650a291ee12aa66fc7e0fFalse0.69890625data7.151763204874889IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                        .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                        Resources

                                                                                                                                                                                                                                                                                                                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                        RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                        RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                        RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                        RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                        RT_RCDATA0xdc8fc0xcf66data1.0004896975176103
                                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe98640x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe98dc0x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe98f00x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                        RT_GROUP_ICON0xe99040x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                        RT_VERSION0xe99180xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                        RT_MANIFEST0xe99f40x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                        Imports

                                                                                                                                                                                                                                                                                                                                        DLLImport
                                                                                                                                                                                                                                                                                                                                        WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                        VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                        WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                        COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                        MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                        WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                        PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                        IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                        USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                        UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                        KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                        USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                        GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                        COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                        ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                        SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                        ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                        OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                        Version Infos

                                                                                                                                                                                                                                                                                                                                        DescriptionData
                                                                                                                                                                                                                                                                                                                                        Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                        Possible Origin

                                                                                                                                                                                                                                                                                                                                        Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                        EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.784468889 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.784512043 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.784638882 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.788409948 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.788424969 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.373940945 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.383339882 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.386204958 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.396682024 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.396692038 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.396815062 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.396972895 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:13.397066116 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163839102 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163877010 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.166909933 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.168302059 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.168317080 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.182766914 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.182809114 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.183913946 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.187854052 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.187874079 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.203996897 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.208775997 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.208863020 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.208987951 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.213798046 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.399487972 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.399529934 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.399903059 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.400052071 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.400064945 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.421950102 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.421979904 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.426964998 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.428411007 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.428428888 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.663686991 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.706373930 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.803540945 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.803679943 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.804243088 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.804296017 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.825809002 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.825886011 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.826806068 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.826878071 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.872472048 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.872508049 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.872665882 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.872801065 CET44349711142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.873728037 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.873752117 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.873843908 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874010086 CET44349712142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874228001 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874272108 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874696016 CET49711443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874711990 CET49712443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.874753952 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.876597881 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.876612902 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.880500078 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.880798101 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.883863926 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.883868933 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.884243011 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887150049 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887228966 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887378931 CET4434971535.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887444973 CET49715443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.888551950 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.888591051 CET4434971834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.888659954 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.890005112 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.890018940 CET4434971834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.930392027 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.935396910 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.938419104 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.940148115 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.947005033 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.951236010 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.951267958 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.951582909 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.952327967 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954148054 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954168081 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954591990 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954698086 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954719067 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.954968929 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.956394911 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.956412077 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.959383965 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.959465027 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.959611893 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.964428902 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.120403051 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.125241041 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.127947092 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.128107071 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.133321047 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.149509907 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.149548054 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.150114059 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.150273085 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.150289059 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.376238108 CET4434971834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.376458883 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381478071 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381491899 CET4434971834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381601095 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381658077 CET4434971834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381819010 CET49718443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.381985903 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.382025003 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.382108927 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.383431911 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.383445978 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.414489985 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.439817905 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.440239906 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.447711945 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.447722912 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.447787046 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.447932959 CET4434972034.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.448038101 CET49720443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.455332994 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.507922888 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.508006096 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.508603096 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.508657932 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.513700962 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.513714075 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.513793945 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.514027119 CET44349717142.250.185.238192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.517011881 CET49717443192.168.2.5142.250.185.238
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.573345900 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.624686956 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.642045021 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.642139912 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.645015955 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.645025969 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.645273924 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.648593903 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.648760080 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649007082 CET4434972234.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649280071 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649337053 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649359941 CET49722443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649581909 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649714947 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.649739027 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.711585045 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.716433048 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.832792044 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.878684044 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.906788111 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.912203074 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.001929998 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.027651072 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.028446913 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.032793999 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.032805920 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.032921076 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.032991886 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.033077002 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.056711912 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.211091995 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.214257002 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.261183977 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.261218071 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.261527061 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.263820887 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.263894081 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.264003038 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.266890049 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.266913891 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.859303951 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.860901117 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.860938072 CET4434972634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.863147974 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.864573002 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.864583015 CET4434972634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.865078926 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.887531042 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.893033981 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.956047058 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.982209921 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.019831896 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.035460949 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.061265945 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.066170931 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.096295118 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.096321106 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.096791029 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.098206997 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.098222017 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.157882929 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.204951048 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.326822042 CET4434972634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.326916933 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332151890 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332151890 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332165003 CET4434972634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332379103 CET4434972634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332510948 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332550049 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332580090 CET49726443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.332652092 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.333995104 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.334009886 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.768444061 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.768491983 CET4434973034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.768784046 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.770474911 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.770486116 CET4434973034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.782532930 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.782567024 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.783994913 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.784106016 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.784116983 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.799768925 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.807343006 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.807384014 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.809420109 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.816443920 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.816487074 CET4434973234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.819591045 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.819606066 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.819672108 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.822274923 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823585033 CET4434972834.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823640108 CET49728443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823734999 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823748112 CET4434973234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.870260000 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.879328966 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.884799004 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.891659021 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.891669989 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.891755104 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.891875029 CET4434972752.35.152.253192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.892405987 CET49727443192.168.2.552.35.152.253
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.230087996 CET4434973034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.230192900 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.235564947 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.235593081 CET4434973034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.235656977 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.235789061 CET4434973034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.235866070 CET49730443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.239058018 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.239602089 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.242269039 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.242280006 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.242506981 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.245064020 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.245151997 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.245183945 CET4434973135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.245275974 CET49731443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.306134939 CET4434973234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.306219101 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.311245918 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.311259031 CET4434973234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.311327934 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.311450958 CET4434973234.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:18.311518908 CET49732443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.368647099 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.368712902 CET4434973334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.369178057 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.372185946 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.372206926 CET4434973334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.429406881 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.434233904 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.439100981 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.439155102 CET4434973434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.439836979 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.441283941 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.441314936 CET4434973434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.523581028 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.573633909 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.729603052 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.734481096 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.752949953 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.752986908 CET4434973534.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.755592108 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.756896973 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.756920099 CET4434973534.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.826565981 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.878165007 CET4434973334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.879350901 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.880645990 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.884546995 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.884578943 CET4434973334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.884660006 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.884804010 CET4434973334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.891006947 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.895792961 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.896332979 CET49733443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.903691053 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.903733015 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.904752970 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.905086040 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.905096054 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.905594110 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.905637026 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.908224106 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.908358097 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.908374071 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.928021908 CET4434973434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.930840969 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.954827070 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.954863071 CET4434973434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.954986095 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.955178976 CET4434973434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.955857038 CET49734443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.967879057 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.967916012 CET4434973834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.968014956 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.969408989 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.969419956 CET4434973834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.985443115 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.991695881 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.996510029 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.027956009 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.088118076 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.143924952 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.249253988 CET4434973534.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.259809971 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.299365997 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.299408913 CET4434973534.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.299451113 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.299704075 CET4434973534.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.313174963 CET49735443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.368741989 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.382261992 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.403007030 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.415328026 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.415373087 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.424573898 CET4434973834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.429080963 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.429114103 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.447905064 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.447925091 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.448204994 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.451308966 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.451323986 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.451628923 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.451637030 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.451666117 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.460422993 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.471834898 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.471846104 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.506617069 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.506757975 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.506901026 CET4434973634.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.508028030 CET49736443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.517276049 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.936144114 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.936161041 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.936239958 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.991576910 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.991611958 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.991867065 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.991893053 CET4434973834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.991936922 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.992165089 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.992230892 CET4434973834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.995457888 CET49738443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996160984 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996256113 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996326923 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996408939 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996484041 CET4434973734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996495962 CET4434973934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996620893 CET49737443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.996639967 CET49739443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.435998917 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.440766096 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.529551029 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.573045015 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.800803900 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.800842047 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.801470995 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.801625967 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.801642895 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.310838938 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.310946941 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.566664934 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.566683054 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.566981077 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.570878029 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.570949078 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.571074963 CET4434976134.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.576204062 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.576204062 CET49761443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.359538078 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.359584093 CET4434977234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.359672070 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.360974073 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.362441063 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.362456083 CET4434977234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.364483118 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.456063986 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.457961082 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.462733030 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.468774080 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.468818903 CET4434977834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.469280958 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.470732927 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.470747948 CET4434977834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.500813961 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.551758051 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.601090908 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.825651884 CET4434977234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.825753927 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.940393925 CET4434977834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.940501928 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.996500015 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001243114 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001677036 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001705885 CET4434977234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001827955 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001955032 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001962900 CET4434977234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.001986980 CET4434977834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.002007961 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.002130985 CET49772443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.002245903 CET4434977834.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.002516985 CET49778443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.093291998 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.133836031 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.358057022 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.362894058 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.452128887 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.456155062 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.460958958 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.503792048 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.555416107 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.604156971 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.461457014 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.466538906 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.561758041 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.566529989 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.729187965 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.729233980 CET4434984934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.729404926 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.730895996 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.730917931 CET4434984934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.197515011 CET4434984934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.197603941 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.204720974 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.204730988 CET4434984934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.204816103 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.205192089 CET4434984934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.205272913 CET49849443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.208045959 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.212800026 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.302110910 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.306118965 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.310915947 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.348500013 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.453811884 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.502242088 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.643486977 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.643516064 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.655344009 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.657375097 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.657385111 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.666194916 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.666250944 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.670268059 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.670631886 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.670650959 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.672539949 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.672588110 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.673237085 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.673383951 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.673399925 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.703574896 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.703618050 CET4434986935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.703849077 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.705224037 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.705244064 CET4434986935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.725184917 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.725210905 CET4434987134.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.728715897 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.730245113 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.730269909 CET4434987134.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.129410982 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.129429102 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.129590988 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.133109093 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.133126020 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.133378029 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.136221886 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.136308908 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.136410952 CET4434986635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.136491060 CET49866443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.140268087 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.145114899 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.146680117 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.146754026 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.149863005 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.149873972 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.150171041 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.152725935 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.152725935 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.152961969 CET4434986734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.154012918 CET49867443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.161222935 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.161312103 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.164633036 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.164644003 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.164927959 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.167072058 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.167167902 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.167221069 CET44349868151.101.1.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.172542095 CET49868443192.168.2.5151.101.1.91
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.175404072 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.175453901 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.175566912 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.175659895 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.175668001 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.177828074 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.177867889 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.178191900 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.178297997 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.178313017 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.180052042 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.180093050 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.180274010 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.180389881 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.180402994 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.208143950 CET4434986935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.208246946 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213246107 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213260889 CET4434986935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213352919 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213430882 CET4434986935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213454008 CET4434987134.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213577986 CET49869443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.213622093 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.218379974 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.218390942 CET4434987134.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.218491077 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.218555927 CET4434987134.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.218643904 CET49871443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.234031916 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.237099886 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.237145901 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.237338066 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.237415075 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.237422943 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.238827944 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.243622065 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.294858932 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.335710049 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.395158052 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.636859894 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.636992931 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.639889002 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.639902115 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.640150070 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.642874002 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.642966032 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.643018961 CET4434987735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.644608974 CET49877443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.647588015 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.649039984 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.649507999 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.652370930 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.652447939 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.652456999 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.652702093 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.653217077 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.654303074 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.654390097 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.654445887 CET4434987635.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.655602932 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.655623913 CET49876443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.655623913 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.658092022 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.658098936 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.658385038 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.661173105 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.661289930 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.661335945 CET4434987835.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.662405968 CET49878443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.672910929 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.677716970 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.677846909 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.678030968 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.682802916 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.701267958 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.701342106 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.704576015 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.704582930 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.704828024 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.706506014 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.706609011 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.706651926 CET4434987934.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.709379911 CET49879443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.741348028 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.752844095 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.757641077 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.796333075 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.850744009 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.896611929 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310105085 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310120106 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310136080 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310425043 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312005043 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312021971 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312031984 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312160015 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314621925 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314640045 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314651012 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.317359924 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.317378044 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.317387104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.318387032 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.319936037 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.319953918 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.319963932 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.319999933 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.400669098 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.400682926 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.400693893 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.400703907 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.400715113 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402319908 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402362108 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402374029 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402447939 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402462959 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402497053 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402508020 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402512074 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402518988 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.402616024 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405056000 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405067921 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405080080 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405091047 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405107975 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405136108 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405414104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405422926 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.405459881 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.407975912 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.408015013 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.408026934 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.408066034 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.408077002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.408853054 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410403013 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410460949 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410470963 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410484076 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410494089 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.410988092 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491194010 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491211891 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491221905 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491267920 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491296053 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491324902 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491336107 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491364956 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491374969 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.491450071 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492193937 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492206097 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492217064 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492244005 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492928028 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492938995 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492949009 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.492993116 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493016958 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493181944 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493192911 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493204117 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493215084 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493227005 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493240118 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.493268967 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.494026899 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.494040966 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.494051933 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.494080067 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.494097948 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495558023 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495568991 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495585918 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495595932 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495606899 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495614052 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.495711088 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.496006966 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.496016979 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.496027946 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.496049881 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.496134996 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500497103 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500508070 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500519991 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500530958 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500543118 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500552893 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500555038 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500565052 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500591040 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500861883 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500915051 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500941992 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500952959 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500965118 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500976086 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.500991106 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.501061916 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504858971 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504873991 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504884005 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504894018 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504904985 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504915953 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504920959 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504929066 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.504937887 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.505120993 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.505125999 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.505136967 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.505146980 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.505268097 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.584079981 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586582899 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586597919 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586608887 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586621046 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586654902 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586698055 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586762905 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586786032 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586796045 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586807013 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586822033 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586823940 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586833954 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586848021 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586853981 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586857080 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586872101 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586920977 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586930037 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586941004 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586950064 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586962938 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586975098 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586986065 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586997032 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.586997032 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587012053 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587017059 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587021112 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587024927 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587029934 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587061882 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587073088 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587084055 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587086916 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587095022 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587105036 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587112904 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587115049 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587126017 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587136984 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587215900 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587225914 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587236881 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587296009 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587342024 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587513924 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587524891 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587531090 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587534904 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.587593079 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.588929892 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.588941097 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.588952065 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.588996887 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589070082 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589081049 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589123011 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589253902 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589265108 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589274883 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589313984 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.589328051 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.591784954 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.591797113 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.591806889 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.591846943 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592088938 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592099905 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592113018 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592181921 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592775106 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592786074 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592797041 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592808008 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.592920065 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593595982 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593777895 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593789101 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593799114 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593810081 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593822002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593828917 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.593867064 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594723940 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594733000 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594743967 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594753981 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594764948 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594774961 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.594926119 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595809937 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595822096 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595832109 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595843077 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595851898 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595864058 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595865011 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595874071 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.595906019 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596671104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596683025 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596693993 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596699953 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596735001 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596812963 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596823931 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596834898 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.596914053 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.597628117 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.597639084 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.597691059 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674350977 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674365997 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674376011 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674424887 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674670935 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674683094 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674729109 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674853086 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674864054 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674875021 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674886942 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674897909 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674912930 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.674972057 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675429106 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675599098 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675611019 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675626040 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675631046 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675663948 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.675681114 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676110029 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676115990 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676120043 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676126003 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676139116 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676148891 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676160097 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676171064 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676173925 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676182032 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676192999 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676203966 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676269054 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.676414013 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677812099 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677824974 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677834988 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677846909 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677872896 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677953959 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677966118 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677977085 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677989006 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.677999020 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678009033 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678083897 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678776979 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678930998 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678942919 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678952932 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678966045 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678976059 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.678997993 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679089069 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679763079 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679774046 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679780006 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679790974 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679801941 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679828882 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.679903030 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680239916 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680250883 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680262089 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680269957 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680280924 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680291891 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680293083 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680365086 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680704117 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680769920 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680893898 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680905104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680918932 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680929899 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680941105 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680952072 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680963039 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.680974007 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681372881 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681384087 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681394100 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681404114 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681646109 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681808949 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.681982040 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682143927 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682154894 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682195902 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682621002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682631969 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682642937 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.682684898 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683114052 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683295012 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683305979 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683327913 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683345079 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683406115 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683624983 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683785915 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683816910 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683828115 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683837891 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.683870077 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684442997 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684454918 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684464931 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684475899 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684487104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684494972 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684498072 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.684581995 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685302019 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685314894 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685324907 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685334921 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685345888 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685357094 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685445070 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685623884 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685635090 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685646057 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685657024 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685674906 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.685766935 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686583042 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686594009 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686604977 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686615944 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686625004 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686639071 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.686708927 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.687845945 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.687856913 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.687895060 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.687997103 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688009024 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688057899 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688608885 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688620090 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688630104 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688640118 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688663960 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.688692093 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.689621925 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.689639091 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.689696074 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763211966 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763228893 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763241053 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763341904 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763353109 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763649940 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763662100 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763812065 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763823986 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763834953 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763844013 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.763993025 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764003992 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764503002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764513969 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764523983 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764534950 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764544964 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764554977 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764564991 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764575005 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764590979 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764600992 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764743090 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764754057 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764764071 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764780045 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764790058 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764800072 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764810085 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764820099 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764832973 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764843941 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.764915943 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765672922 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765702009 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765713930 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765723944 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765733957 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765743017 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765753031 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765763998 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765773058 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765774012 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765785933 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765796900 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765808105 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765858889 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.765938997 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767232895 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767244101 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767292023 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767374992 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767385006 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767395020 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767405033 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767421007 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767493963 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767549038 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767714024 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767723083 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767740011 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767750025 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767757893 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767760038 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767771006 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767781019 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767791033 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767798901 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767808914 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767818928 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767831087 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767838001 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.767916918 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768064976 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768074989 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768085003 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768095970 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768106937 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768452883 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768467903 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768477917 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768487930 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.768497944 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.769829988 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770009041 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770020008 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770199060 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770210028 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770220041 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770350933 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770360947 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770447016 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770457983 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770467997 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770478964 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770637035 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770647049 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770657063 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770665884 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770675898 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770685911 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.770694971 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771136045 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771147966 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771162987 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771174908 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771186113 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771557093 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771568060 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771578074 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771589041 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771600008 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771610022 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.771620035 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.772509098 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.772552967 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.772563934 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.772742987 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.772749901 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773197889 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773207903 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773371935 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773384094 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773396015 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.773411036 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.777009010 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.777158022 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.777817011 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.777909040 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.777987957 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.778068066 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.756767988 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.764350891 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.857125998 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.862817049 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:53.791040897 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:53.795864105 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.541305065 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.546071053 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.636153936 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.639863014 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.645296097 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.681108952 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.736943007 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.781457901 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.487318039 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.487349033 CET4434999134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.487481117 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.488842964 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.488857985 CET4434999134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.968636990 CET4434999134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.968784094 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.973058939 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.973067999 CET4434999134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.973131895 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.973243952 CET4434999134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.973800898 CET49991443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.975714922 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.980562925 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.069278955 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.072273016 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.077137947 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.109831095 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.168906927 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.210144043 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:03.804924011 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:03.809746981 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.077959061 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.083148956 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.178170919 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.183173895 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.656024933 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.656070948 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.667145967 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.667546988 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.667560101 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.670670986 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.670710087 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.674171925 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.674263954 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.674274921 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.119858027 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.119872093 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.119967937 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.123095036 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.123100996 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.123383999 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.125540018 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.125643969 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.125730038 CET4435002734.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.125828028 CET50027443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.130311012 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.135364056 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.146035910 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.146131039 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.148874998 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.148895025 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.149132013 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.151087999 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.151190996 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.151232004 CET4435002834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.151585102 CET50028443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.224819899 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.253834009 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.258690119 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.268838882 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.350604057 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.400428057 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:13.819801092 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:13.824826002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.227889061 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.232871056 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.359456062 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.364402056 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:23.832197905 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:23.837141991 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.241926908 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.246905088 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.373497963 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.378343105 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:33.846755028 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:33.851685047 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.996926069 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.996984005 CET4435002934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.997314930 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.999998093 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.000036955 CET4435002934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.473684072 CET4435002934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.473891973 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.478037119 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.478059053 CET4435002934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.478132010 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.478265047 CET4435002934.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.479015112 CET50029443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.480935097 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.485739946 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.574598074 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.578192949 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.583055019 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.635529995 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.675460100 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.735862017 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:43.860723019 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:43.865633965 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.578140020 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.583076000 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.678314924 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.683192968 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:53.869960070 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:53.875066042 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.589690924 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.594583035 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.689867020 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.697402954 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:03.877361059 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:03.882375002 CET80498852.22.61.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.604119062 CET4972180192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.609086990 CET804972134.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.701114893 CET4971980192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.706245899 CET804971934.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:13.893717051 CET4988580192.168.2.52.22.61.56
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:13.898657084 CET80498852.22.61.56192.168.2.5

                                                                                                                                                                                                                                                                                                                                        UDP Packets

                                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.784457922 CET5251153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.791346073 CET53525111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.802324057 CET5350753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.809412003 CET53535071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.155704021 CET5886853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.155976057 CET5670453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163104057 CET53567041.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163213015 CET53588681.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.164628029 CET5639753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.171778917 CET53563971.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.177222013 CET4944553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.177369118 CET6205253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.183983088 CET53494451.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.183995962 CET53620521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.193327904 CET5498753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.200464010 CET53549871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.399631977 CET6234053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.406483889 CET53623401.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.412518978 CET5444153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.416933060 CET5442253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.419960976 CET53544411.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.422070026 CET6301853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.424664021 CET53544221.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.430025101 CET53630181.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.445189953 CET5505353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.452637911 CET53550531.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.879853964 CET5879353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887623072 CET53587931.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.888895035 CET5671653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.895942926 CET53567161.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.896555901 CET5104253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.903953075 CET53510421.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.927342892 CET5935253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.927630901 CET5904953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934072018 CET53593521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934341908 CET53590491.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.938154936 CET6363153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.945060968 CET53636311.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.140136003 CET6004853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.148121119 CET53600481.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.150063992 CET5925453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.157696009 CET53592541.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.158529997 CET6318453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.165539026 CET53631841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.087203979 CET5450053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.094403028 CET53545001.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.096668005 CET4922053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.104262114 CET53492201.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.110692978 CET5840153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.117928028 CET53584011.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.699934006 CET5297453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.707067013 CET53529741.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.708023071 CET6045453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.715116024 CET53604541.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.727724075 CET6267053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.735281944 CET53626701.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.797471046 CET5126653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.804579973 CET53512661.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.816827059 CET5748453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823945045 CET53574841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.824857950 CET5979853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.831796885 CET53597981.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.420864105 CET6349853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.427428961 CET53634981.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.439836979 CET5913453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.444489956 CET5538653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.446809053 CET53591341.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.451240063 CET53553861.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.452712059 CET5721753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.453161955 CET5396753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.460047960 CET53539671.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.460279942 CET53572171.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.435498953 CET5153353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438472033 CET6051853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438716888 CET5818653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438786983 CET5030853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.442476988 CET53515331.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET53605181.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445430040 CET53581861.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445440054 CET53503081.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799377918 CET5130453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799649954 CET6456553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799957037 CET6186653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET53513041.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806498051 CET53645651.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806817055 CET53618661.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807068110 CET5132853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807579994 CET5916653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807847023 CET6051753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.813905001 CET53513281.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.814666986 CET53605171.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.814675093 CET6136353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.815212965 CET5293953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.815639973 CET53591661.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET53613631.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.822043896 CET53529391.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.561532021 CET5266053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.561579943 CET5150353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.564106941 CET5200953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568130970 CET53526601.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568310022 CET53515031.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.571055889 CET53520091.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.581326008 CET5270453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.581499100 CET6065953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.588176966 CET53527041.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.588592052 CET53606591.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.469181061 CET4942853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.476361990 CET53494281.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.719495058 CET5257753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.727952003 CET53525771.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.728673935 CET5747953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.737834930 CET53574791.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.634176970 CET5745653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.641058922 CET53574561.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.654150009 CET4970353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.661422014 CET53497031.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.673171043 CET6298653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.680784941 CET53629861.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.681376934 CET5004653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.689418077 CET53500461.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.712002039 CET6091553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.720108986 CET53609151.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.725857973 CET5819053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.734632969 CET53581901.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.737607002 CET5717053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.745062113 CET53571701.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.673259974 CET5617953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.680623055 CET53561791.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.683360100 CET5854653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.691884995 CET53585461.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.474421978 CET5186253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.481499910 CET53518621.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.486190081 CET5900453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.493237972 CET53590041.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.652740002 CET6078453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.660743952 CET53607841.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.130996943 CET6381653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.137903929 CET53638161.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.984839916 CET6260353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.991950989 CET53626031.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.996700048 CET5351953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.003555059 CET53535191.1.1.1192.168.2.5

                                                                                                                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.784457922 CET192.168.2.51.1.1.10x1439Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.802324057 CET192.168.2.51.1.1.10x98c0Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.155704021 CET192.168.2.51.1.1.10x469bStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.155976057 CET192.168.2.51.1.1.10x581dStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.164628029 CET192.168.2.51.1.1.10xca7cStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.177222013 CET192.168.2.51.1.1.10x6ce0Standard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.177369118 CET192.168.2.51.1.1.10x471eStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.193327904 CET192.168.2.51.1.1.10xccc1Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.399631977 CET192.168.2.51.1.1.10x2553Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.412518978 CET192.168.2.51.1.1.10x5d18Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.416933060 CET192.168.2.51.1.1.10x940Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.422070026 CET192.168.2.51.1.1.10x8e24Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.445189953 CET192.168.2.51.1.1.10xa1b2Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.879853964 CET192.168.2.51.1.1.10x3686Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.888895035 CET192.168.2.51.1.1.10x91e9Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.896555901 CET192.168.2.51.1.1.10xac84Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.927342892 CET192.168.2.51.1.1.10x4caaStandard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.927630901 CET192.168.2.51.1.1.10x39acStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.938154936 CET192.168.2.51.1.1.10xa19aStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.140136003 CET192.168.2.51.1.1.10x82baStandard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.150063992 CET192.168.2.51.1.1.10xb6c6Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.158529997 CET192.168.2.51.1.1.10x6664Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.087203979 CET192.168.2.51.1.1.10x2a5Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.096668005 CET192.168.2.51.1.1.10x8b22Standard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.110692978 CET192.168.2.51.1.1.10x2313Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.699934006 CET192.168.2.51.1.1.10x660Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.708023071 CET192.168.2.51.1.1.10xd40eStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.727724075 CET192.168.2.51.1.1.10xfde2Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.797471046 CET192.168.2.51.1.1.10xa5edStandard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.816827059 CET192.168.2.51.1.1.10xe8afStandard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.824857950 CET192.168.2.51.1.1.10x649fStandard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.420864105 CET192.168.2.51.1.1.10x1fa3Standard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.439836979 CET192.168.2.51.1.1.10xf589Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.444489956 CET192.168.2.51.1.1.10xf0afStandard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.452712059 CET192.168.2.51.1.1.10xd7bbStandard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.453161955 CET192.168.2.51.1.1.10x3cf4Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.435498953 CET192.168.2.51.1.1.10xf8a2Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438472033 CET192.168.2.51.1.1.10x8924Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438716888 CET192.168.2.51.1.1.10x5bc1Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.438786983 CET192.168.2.51.1.1.10x6631Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799377918 CET192.168.2.51.1.1.10x5d62Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799649954 CET192.168.2.51.1.1.10xa6ebStandard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.799957037 CET192.168.2.51.1.1.10x1e1dStandard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807068110 CET192.168.2.51.1.1.10xe466Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807579994 CET192.168.2.51.1.1.10xce1bStandard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.807847023 CET192.168.2.51.1.1.10x6421Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.814675093 CET192.168.2.51.1.1.10x955cStandard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.815212965 CET192.168.2.51.1.1.10xa3beStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.561532021 CET192.168.2.51.1.1.10xb991Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.561579943 CET192.168.2.51.1.1.10x1fc2Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.564106941 CET192.168.2.51.1.1.10x88d0Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.581326008 CET192.168.2.51.1.1.10x9523Standard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.581499100 CET192.168.2.51.1.1.10x6fbeStandard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.469181061 CET192.168.2.51.1.1.10x2812Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.719495058 CET192.168.2.51.1.1.10x8c6bStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.728673935 CET192.168.2.51.1.1.10xf881Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.634176970 CET192.168.2.51.1.1.10xddb7Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.654150009 CET192.168.2.51.1.1.10x1b87Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.673171043 CET192.168.2.51.1.1.10x166dStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.681376934 CET192.168.2.51.1.1.10xa803Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.712002039 CET192.168.2.51.1.1.10xe86cStandard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.725857973 CET192.168.2.51.1.1.10x1381Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.737607002 CET192.168.2.51.1.1.10xb9cStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.673259974 CET192.168.2.51.1.1.10x609eStandard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.683360100 CET192.168.2.51.1.1.10x1138Standard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.474421978 CET192.168.2.51.1.1.10x7fe1Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.486190081 CET192.168.2.51.1.1.10xd932Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.652740002 CET192.168.2.51.1.1.10x9f11Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.130996943 CET192.168.2.51.1.1.10xec9bStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.984839916 CET192.168.2.51.1.1.10x1e0fStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.996700048 CET192.168.2.51.1.1.10x45a1Standard query (0)push.services.mozilla.com28IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.778526068 CET1.1.1.1192.168.2.50xbb67No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:12.791346073 CET1.1.1.1192.168.2.50x1439No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163104057 CET1.1.1.1192.168.2.50x581dNo error (0)youtube.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163213015 CET1.1.1.1192.168.2.50x469bNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163213015 CET1.1.1.1192.168.2.50x469bNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.163213015 CET1.1.1.1192.168.2.50x469bNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.171778917 CET1.1.1.1192.168.2.50xca7cNo error (0)youtube.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.183983088 CET1.1.1.1192.168.2.50x6ce0No error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.183995962 CET1.1.1.1192.168.2.50x471eNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.200464010 CET1.1.1.1192.168.2.50xccc1No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.398562908 CET1.1.1.1192.168.2.50xc596No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.398562908 CET1.1.1.1192.168.2.50xc596No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.406483889 CET1.1.1.1192.168.2.50x2553No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.419960976 CET1.1.1.1192.168.2.50x5d18No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.430025101 CET1.1.1.1192.168.2.50x8e24No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887623072 CET1.1.1.1192.168.2.50x3686No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.887623072 CET1.1.1.1192.168.2.50x3686No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.895942926 CET1.1.1.1192.168.2.50x91e9No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934072018 CET1.1.1.1192.168.2.50x4caaNo error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934072018 CET1.1.1.1192.168.2.50x4caaNo error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934072018 CET1.1.1.1192.168.2.50x4caaNo error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934072018 CET1.1.1.1192.168.2.50x4caaNo error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934341908 CET1.1.1.1192.168.2.50x39acNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.934341908 CET1.1.1.1192.168.2.50x39acNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.945060968 CET1.1.1.1192.168.2.50xa19aNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.945060968 CET1.1.1.1192.168.2.50xa19aNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.945060968 CET1.1.1.1192.168.2.50xa19aNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.148121119 CET1.1.1.1192.168.2.50x82baNo error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.148121119 CET1.1.1.1192.168.2.50x82baNo error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.148121119 CET1.1.1.1192.168.2.50x82baNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.157696009 CET1.1.1.1192.168.2.50xb6c6No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.094403028 CET1.1.1.1192.168.2.50x2a5No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.094403028 CET1.1.1.1192.168.2.50x2a5No error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.094403028 CET1.1.1.1192.168.2.50x2a5No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.094403028 CET1.1.1.1192.168.2.50x2a5No error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.104262114 CET1.1.1.1192.168.2.50x8b22No error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.104262114 CET1.1.1.1192.168.2.50x8b22No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.104262114 CET1.1.1.1192.168.2.50x8b22No error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.707067013 CET1.1.1.1192.168.2.50x660No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.715116024 CET1.1.1.1192.168.2.50xd40eNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.781428099 CET1.1.1.1192.168.2.50xbbf6No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.781428099 CET1.1.1.1192.168.2.50xbbf6No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.804579973 CET1.1.1.1192.168.2.50xa5edNo error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.804579973 CET1.1.1.1192.168.2.50xa5edNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.823945045 CET1.1.1.1192.168.2.50xe8afNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.427428961 CET1.1.1.1192.168.2.50x1fa3No error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.427428961 CET1.1.1.1192.168.2.50x1fa3No error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.427428961 CET1.1.1.1192.168.2.50x1fa3No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.432611942 CET1.1.1.1192.168.2.50x913aNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.446809053 CET1.1.1.1192.168.2.50xf589No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.451240063 CET1.1.1.1192.168.2.50xf0afNo error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.966769934 CET1.1.1.1192.168.2.50x265cNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.442476988 CET1.1.1.1192.168.2.50xf8a2No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.442476988 CET1.1.1.1192.168.2.50xf8a2No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.442476988 CET1.1.1.1192.168.2.50xf8a2No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.443788052 CET1.1.1.1192.168.2.50xdf2dNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445276976 CET1.1.1.1192.168.2.50x8924No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445430040 CET1.1.1.1192.168.2.50x5bc1No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445430040 CET1.1.1.1192.168.2.50x5bc1No error (0)star-mini.c10r.facebook.com157.240.0.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445440054 CET1.1.1.1192.168.2.50x6631No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.445440054 CET1.1.1.1192.168.2.50x6631No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806025028 CET1.1.1.1192.168.2.50x5d62No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806498051 CET1.1.1.1192.168.2.50xa6ebNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.806817055 CET1.1.1.1192.168.2.50x1e1dNo error (0)star-mini.c10r.facebook.com157.240.251.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.813905001 CET1.1.1.1192.168.2.50xe466No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.813905001 CET1.1.1.1192.168.2.50xe466No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.813905001 CET1.1.1.1192.168.2.50xe466No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.813905001 CET1.1.1.1192.168.2.50xe466No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.814666986 CET1.1.1.1192.168.2.50x6421No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.815639973 CET1.1.1.1192.168.2.50xce1bNo error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET1.1.1.1192.168.2.50x955cNo error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET1.1.1.1192.168.2.50x955cNo error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET1.1.1.1192.168.2.50x955cNo error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET1.1.1.1192.168.2.50x955cNo error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.821331978 CET1.1.1.1192.168.2.50x955cNo error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.822043896 CET1.1.1.1192.168.2.50xa3beNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568130970 CET1.1.1.1192.168.2.50xb991No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568130970 CET1.1.1.1192.168.2.50xb991No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568130970 CET1.1.1.1192.168.2.50xb991No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568130970 CET1.1.1.1192.168.2.50xb991No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568310022 CET1.1.1.1192.168.2.50x1fc2No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568310022 CET1.1.1.1192.168.2.50x1fc2No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568310022 CET1.1.1.1192.168.2.50x1fc2No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:26.568310022 CET1.1.1.1192.168.2.50x1fc2No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.727952003 CET1.1.1.1192.168.2.50x8c6bNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.640110970 CET1.1.1.1192.168.2.50xfbeaNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.640110970 CET1.1.1.1192.168.2.50xfbeaNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.661422014 CET1.1.1.1192.168.2.50x1b87No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.661422014 CET1.1.1.1192.168.2.50x1b87No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.661422014 CET1.1.1.1192.168.2.50x1b87No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.661422014 CET1.1.1.1192.168.2.50x1b87No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.680784941 CET1.1.1.1192.168.2.50x166dNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.680784941 CET1.1.1.1192.168.2.50x166dNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.680784941 CET1.1.1.1192.168.2.50x166dNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.680784941 CET1.1.1.1192.168.2.50x166dNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.689418077 CET1.1.1.1192.168.2.50xa803No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.689418077 CET1.1.1.1192.168.2.50xa803No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.689418077 CET1.1.1.1192.168.2.50xa803No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.689418077 CET1.1.1.1192.168.2.50xa803No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.720108986 CET1.1.1.1192.168.2.50xe86cNo error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.720108986 CET1.1.1.1192.168.2.50xe86cNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:41.734632969 CET1.1.1.1192.168.2.50x1381No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.671931028 CET1.1.1.1192.168.2.50x55dfNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.671931028 CET1.1.1.1192.168.2.50x55dfNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.671931028 CET1.1.1.1192.168.2.50x55dfNo error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.671931028 CET1.1.1.1192.168.2.50x55dfNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.671931028 CET1.1.1.1192.168.2.50x55dfNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.680623055 CET1.1.1.1192.168.2.50x609eNo error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.680623055 CET1.1.1.1192.168.2.50x609eNo error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.691884995 CET1.1.1.1192.168.2.50x1138No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.691884995 CET1.1.1.1192.168.2.50x1138No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.481499910 CET1.1.1.1192.168.2.50x7fe1No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:11.645276070 CET1.1.1.1192.168.2.50xaaeaNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.137903929 CET1.1.1.1192.168.2.50xec9bNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.137903929 CET1.1.1.1192.168.2.50xec9bNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.137903929 CET1.1.1.1192.168.2.50xec9bNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:39.991950989 CET1.1.1.1192.168.2.50x1e0fNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                        HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                        • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                        HTTP Packets

                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        0192.168.2.54971334.107.221.82801396C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.208987951 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.663686991 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Fri, 07 Feb 2025 22:55:32 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 73962
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        1192.168.2.54971934.107.221.82801396C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:14.959611893 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.414489985 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29584
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.711585045 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.832792044 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29584
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.859303951 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.956047058 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29585
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.061265945 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:17.157882929 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29586
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.729603052 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.826565981 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29589
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.991695881 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:21.088118076 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29590
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.359672070 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.456063986 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29596
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.996500015 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.093291998 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29597
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.456155062 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.555416107 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29597
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.561758041 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.306118965 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.453811884 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29608
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.238827944 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.335710049 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29611
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.752844095 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.850744009 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29611
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.857125998 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.639863014 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.736943007 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29624
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.072273016 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.168906927 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29629
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.178170919 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.253834009 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.350604057 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29641
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.359456062 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.373497963 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.578192949 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.675460100 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 29669
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.678314924 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.689867020 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.701114893 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        2192.168.2.54972134.107.221.82801396C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.128107071 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.573345900 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59817
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:15.906788111 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.001929998 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59817
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.887531042 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:16.982209921 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59818
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.429406881 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.523581028 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59822
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.891006947 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:20.985443115 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59822
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.435998917 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:25.529551029 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59827
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.457961082 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:27.551758051 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59829
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.358057022 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:28.452128887 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59830
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:38.461457014 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.208045959 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:39.302110910 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59841
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.140268087 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.234031916 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59844
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.647588015 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.741348028 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59844
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:52.756767988 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.541305065 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:55.636153936 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59857
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:59.975714922 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:00.069278955 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59862
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:10.077959061 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.130311012 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:12.224819899 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59874
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:22.227889061 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:32.241926908 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.480935097 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:40.574598074 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 02:51:18 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 59902
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:29:50.578140020 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:00.589690924 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:30:10.604119062 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        3192.168.2.5498852.22.61.56801396C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:42.678030968 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310105085 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                        Last-Modified: Fri, 07 Feb 2025 06:55:57 GMT
                                                                                                                                                                                                                                                                                                                                        ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                        X-Timestamp: 1738911356.44453
                                                                                                                                                                                                                                                                                                                                        Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                        X-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=221820
                                                                                                                                                                                                                                                                                                                                        Expires: Tue, 11 Feb 2025 09:05:43 GMT
                                                                                                                                                                                                                                                                                                                                        Date: Sat, 08 Feb 2025 19:28:43 GMT
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                        Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310120106 CET1236INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                                        Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[d
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.310136080 CET448INData Raw: 76 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de
                                                                                                                                                                                                                                                                                                                                        Data Ascii: va6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312005043 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                                        Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312021971 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.312031984 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                                        Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314621925 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                                        Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314640045 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                                        Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.314651012 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                                        Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.317359924 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                                        Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1
                                                                                                                                                                                                                                                                                                                                        Feb 8, 2025 20:28:43.317378044 CET1236INData Raw: 54 88 af 6b 46 21 96 c5 bc 17 f8 0b 33 f5 a2 5c 8c f3 a5 7a 0f eb 92 0f 50 32 86 fd 65 5b 30 c8 b2 e7 30 e0 fb 80 1a be 7d a4 46 35 7c d3 69 08 ed 2b a1 bc e9 40 0c 46 75 4f b0 5b 0d 12 e4 5d 29 77 a0 15 ab 42 4b 58 cd 29 e9 2f 53 ed 53 3b ff 20
                                                                                                                                                                                                                                                                                                                                        Data Ascii: TkF!3\zP2e[00}F5|i+@FuO[])wBKX)/SS; <NEfql]M.dRro7/tk>)0(k"?1!cY[D8w5U:1|hEfwS"'<^`c7


                                                                                                                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:04
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x4b0000
                                                                                                                                                                                                                                                                                                                                        File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:4CB7F8D6D02D0A8B31C24B632532F3B5
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:2
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:05
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x840000
                                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:05
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:4
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:07
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x840000
                                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:5
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:07
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:6
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x840000
                                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:8
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x840000
                                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:9
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                        Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x840000
                                                                                                                                                                                                                                                                                                                                        File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:11
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:12
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:08
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:10
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2192 -parentBuildID 20230927232528 -prefsHandle 2104 -prefMapHandle 2096 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2c1f52b-5438-4ca1-98f7-d2c76f772c26} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9b5670b10 socket
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:17
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:11
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3008 -parentBuildID 20230927232528 -prefsHandle 2988 -prefMapHandle 3020 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c0f3fc0-8d05-409b-831e-84e529f5bfeb} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9c7df5d10 rdd
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                                                                                                                                                                        Start time:14:28:16
                                                                                                                                                                                                                                                                                                                                        Start date:08/02/2025
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5124 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5076 -prefMapHandle 5072 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe98f088-833d-4ecb-aeac-9d8e65171bf6} 1396 "\\.\pipe\gecko-crash-server-pipe.1396" 2b9ce493910 utility
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                                                                                                                        Reset < >