Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1613652
MD5:49c6332d7ddfaec6d999414f35ed665d
SHA1:8db9314dd518f0211b111f719fc5bff871c5fb06
SHA256:2058cec90818bcd50676b4d1777891ed1e3b0fff94762289ad4a312aaecfcd2e
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Drops PE files
Enables debug privileges
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 5276 cmdline: "C:\Users\user\Desktop\random.exe" MD5: 49C6332D7DDFAEC6D999414F35ED665D)
    • taskkill.exe (PID: 3660 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3680 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1240 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6564 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 348 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 3176 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 1960 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7032 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 6200 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 6348 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 2944 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 4084 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 6160 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1628 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2184 -parentBuildID 20230927232528 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4462b6ba-8661-4864-b08d-51ab7b5f4cf6} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a0736df10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6444 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4140 -parentBuildID 20230927232528 -prefsHandle 3976 -prefMapHandle 3888 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86938175-9509-4ff7-a417-23325ed0359c} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a197d8b10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7748 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5028 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {759d927b-34cc-45ee-91d7-b87fecc7d62f} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a2323f910 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 5276JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 31%Perma Link
    Source: random.exeReversingLabs: Detection: 29%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49717 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49724 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49734 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54082 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54083 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54162 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:54163 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.65.91:443 -> 192.168.2.5:54164 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54173 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54172 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54171 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:54177 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54329 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54330 version: TLS 1.2
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2325039916.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324514321.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2324958752.0000022A16D31000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2325039916.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324514321.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2323705491.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2324958752.0000022A16D31000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2323705491.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0060DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005DC2A2 FindFirstFileExW,0_2_005DC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006168EE FindFirstFileW,FindClose,0_2_006168EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0061698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0060D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0060D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00619642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00619642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0061979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00619B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00619B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00615C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00615C97
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 4x nop then dec ecx14_3_000000B6D5372A46
    Source: firefox.exeMemory has grown: Private usage: 1MB later: 217MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: global trafficTCP traffic: 192.168.2.5:54058 -> 1.1.1.1:53
    Source: Joe Sandbox ViewIP Address: 2.22.61.59 2.22.61.59
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 151.101.65.91 151.101.65.91
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,0_2_0061CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKLast-Modified: Fri, 07 Feb 2025 06:55:57 GMTETag: 85430baed3398695717b0263807cf97cContent-Length: 453023Accept-Ranges: bytesX-Timestamp: 1738911356.44453Content-Type: application/zipX-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1Cache-Control: public, max-age=72814Expires: Thu, 13 Feb 2025 17:18:40 GMTDate: Wed, 12 Feb 2025 21:05:06 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 bd Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000E.00000003.2310087880.0000022A17DA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212536689.0000022A18574000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/*Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: /*://www.facebook.com/*Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2282011450.000008D2F5A03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: /www.facebook.comZ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2287662115.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305892338.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330194897.0000022A2313C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2274108835.0000022A18FAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2270433385.0000022A1F0A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2153861305.0000022A1F544000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274108835.0000022A18FAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274236755.0000022A18FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2287662115.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305892338.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2303203736.0000022A190A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2274108835.0000022A18FAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2270433385.0000022A1F0A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/Z equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2153861305.0000022A1F544000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274108835.0000022A18FAE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Z equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336151333.0000022A18963000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://bfdd6cf3-6cd6-4fa2-bc72-2c3d2e7d20f8/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2330903501.0000022A1F513000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2287662115.0000022A23140000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282011450.000008D2F5A03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.comZ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000E.00000003.2330903501.0000022A1F513000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F513000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.comZ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336846338.0000022A182D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%s
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft.co
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CC8000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CC8000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
    Source: firefox.exe, 0000000E.00000003.2274854561.0000022A18F30000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2315754919.0000022A19FB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2320865497.0000022A18992000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000E.00000003.2307861227.0000022A18FA1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275108688.0000022A18ED8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337556203.0000022A17FB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2320865497.0000022A18992000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000E.00000003.2262634600.0000022A221BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000E.00000003.2265212619.0000022A1F549000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2244543261.0000022A17DE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2245640657.0000022A17DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000E.00000003.2282277319.00000B7E96403000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2282277319.00000B7E96403000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0
    Source: firefox.exe, 0000000E.00000003.2224498043.0000022A187D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2171790435.0000022A185E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2253452361.0000022A186C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335143494.0000022A199D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207243147.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282897596.0000022A18A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2220993714.0000022A185E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2122934480.0000022A177C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2121785394.0000022A177D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2254569659.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2239921732.0000022A177C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2120954258.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2334467328.0000022A19F89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2224498043.0000022A187B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2142233199.0000022A1F0D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2141756482.0000022A1F49D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283557330.0000022A188C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283791972.0000022A18869000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271507050.0000022A1AAC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284846647.0000022A188EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: firefox.exe, 0000000E.00000003.2282277319.00000B7E96403000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Z
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321622969.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2261940609.0000022A231F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2261940609.0000022A231F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
    Source: gmpopenh264.dll.tmp.14.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000E.00000003.2143202646.0000022A19BF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317844861.0000022A1995C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273475194.0000022A1995D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2301769669.0000022A19BF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273557532.0000022A1993C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305251659.0000022A231FD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302646285.0000022A1995C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273093401.0000022A19BF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302733773.0000022A1993C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 0000000E.00000003.2273557532.0000022A1993C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302733773.0000022A1993C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulno
    Source: firefox.exe, 0000000E.00000003.2317844861.0000022A1995C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2273475194.0000022A1995D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2302646285.0000022A1995C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulp
    Source: mozilla-temp-41.14.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F557000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F555000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000E.00000003.2115696891.0000022A16F1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
    Source: firefox.exe, 0000000E.00000003.2329964166.0000022A23237000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000E.00000003.2298178541.0000022A1F24C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F24C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000E.00000003.2169986717.0000022A18BA4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2231892475.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2222439187.0000022A18BA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169097705.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2224241078.0000022A18BFA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2258173179.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2175138506.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170821140.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2258641042.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2168785642.0000022A18CC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2167446375.0000022A18BA4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2208918413.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2170821140.0000022A18BA4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2173835016.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2166435081.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241757643.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2175250051.0000022A18BA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2172793973.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2169439281.0000022A18BFD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2225329918.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2236705340.0000022A18CC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000E.00000003.2304599649.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335592243.0000022A18F82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2307861227.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274236755.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
    Source: firefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F557000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F555000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.comZ
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000E.00000003.2330194897.0000022A2313C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000E.00000003.2294844402.0000022A2317B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331005261.0000022A1F415000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265820517.0000022A1F410000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A2317B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
    Source: firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000E.00000003.2212994932.0000022A1862B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
    Source: firefox.exe, 0000000E.00000003.2212994932.0000022A1862B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
    Source: firefox.exe, 0000000E.00000003.2212994932.0000022A1862B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
    Source: firefox.exe, 0000000E.00000003.2283557330.0000022A188C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F42D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000E.00000003.2333425334.0000022A1AB59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
    Source: firefox.exe, 0000000E.00000003.2143610844.0000022A19B98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331417092.0000022A1F2BC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2135491428.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000E.00000003.2294039364.0000022A16F42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2304599649.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212567727.0000022A18571000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2310087880.0000022A17DA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335592243.0000022A18F82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2307861227.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274236755.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279096895.0000022A173B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
    Source: firefox.exe, 0000000E.00000003.2306292916.0000022A2134A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
    Source: firefox.exe, 0000000E.00000003.2263920484.0000022A21356000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
    Source: firefox.exe, 0000000E.00000003.2306292916.0000022A2134A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
    Source: firefox.exe, 0000000E.00000003.2224498043.0000022A187BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2135491428.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F0A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2143696918.0000022A17CBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000E.00000003.2153861305.0000022A1F535000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000000E.00000003.2263920484.0000022A21356000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
    Source: firefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2146879578.0000022A17E09000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2144408520.0000022A17E15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000E.00000003.2263920484.0000022A213CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2294441765.0000022A232F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
    Source: firefox.exe, 0000000E.00000003.2263920484.0000022A213CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F5C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 0000000E.00000003.2307601200.0000022A197D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B22F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D6930000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 0000000E.00000003.2307601200.0000022A197D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 0000000E.00000003.2307601200.0000022A197D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000E.00000003.2265212619.0000022A1F52C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/cfworker
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2135491428.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000E.00000003.2237249356.0000022A1F121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136913609.0000022A1F137000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2151016678.0000022A1F121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2148145387.0000022A1F121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000E.00000003.2237249356.0000022A1F121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2136913609.0000022A1F137000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2151016678.0000022A1F121000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2148145387.0000022A1F121000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000E.00000003.2115696891.0000022A16F1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000E.00000003.2306292916.0000022A21367000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
    Source: firefox.exe, 0000000E.00000003.2143202646.0000022A19BD4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316986858.0000022A19BD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2304599649.0000022A18F54000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2175662094.0000022A18B3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2173912866.0000022A18B3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279096895.0000022A173B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000E.00000003.2308679812.0000022A18EF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275108688.0000022A18EF3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2331672999.0000022A1F277000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.14.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335762407.0000022A189EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B2BC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000E.00000003.2294844402.0000022A23164000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2287262095.0000022A23283000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/1034946c-6e35-4a20-a3bf-4de20
    Source: firefox.exe, 0000000E.00000003.2337861040.0000022A17F75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336702915.0000022A182F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/6f765a26-9b3a-432a
    Source: firefox.exe, 0000000E.00000003.2336702915.0000022A182F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/f3375ce4-3019-42bc
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000E.00000003.2294039364.0000022A16F42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2304599649.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212567727.0000022A18571000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2310087880.0000022A17DA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335592243.0000022A18F82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2307861227.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274236755.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279096895.0000022A173B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 00000011.00000002.3922659622.0000013B1B286000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D698F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2316986858.0000022A19BD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2&
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000E.00000003.2308227005.0000022A18F46000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274692832.0000022A18F46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 0000000E.00000003.2320696700.0000022A189AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000E.00000003.2224498043.0000022A187BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 0000000E.00000003.2319557121.0000022A18DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 0000000E.00000003.2315624175.0000022A1ABDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299209445.0000022A1ABDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
    Source: firefox.exe, 0000000E.00000003.2274854561.0000022A18F30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2274692832.0000022A18F46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2274692832.0000022A18F46000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336702915.0000022A182F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000E.00000003.2274692832.0000022A18F46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000E.00000003.2142233199.0000022A1F0CA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2269566233.0000022A1F0CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 0000000E.00000003.2338704876.0000022A17C6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B212000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/CN=The
    Source: firefox.exe, 0000000E.00000003.2338704876.0000022A17C6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 00000013.00000002.3921272144.000001B7D69F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000000E.00000003.2337453163.0000022A17FFC000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F5C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000E.00000003.2329964166.0000022A23237000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
    Source: firefox.exe, 0000000E.00000003.2309074087.0000022A18EA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275289222.0000022A18EA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000E.00000003.2275289222.0000022A18EB2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A2317D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A2317D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2309074087.0000022A18EB2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305292099.0000022A2317D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A2317B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2336151333.0000022A18963000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
    Source: firefox.exe, 0000000E.00000003.2238560035.0000022A1A9E2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2146170845.0000022A1A9E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000E.00000003.2334189753.0000022A19FB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2315918411.0000022A19FAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: places.sqlite-wal.14.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/Z
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 0000000E.00000003.2336846338.0000022A182B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000E.00000003.2143202646.0000022A19BD4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2316986858.0000022A19BD4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
    Source: firefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2135491428.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/Z
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CC8000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CC7000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.14.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000E.00000003.2265212619.0000022A1F549000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000E.00000003.2143018688.0000022A1F088000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2270433385.0000022A1F07F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298549133.0000022A1F07F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000E.00000003.2136471313.0000022A1F3D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2138051018.0000022A1F1DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000E.00000003.2115696891.0000022A16F1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000E.00000003.2265820517.0000022A1F42D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 0000000E.00000003.2153861305.0000022A1F535000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
    Source: firefox.exe, 0000000E.00000003.2337453163.0000022A17FFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317213364.0000022A19BAB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2265212619.0000022A1F525000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2317213364.0000022A19BA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000E.00000003.2264761924.0000022A1F5C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
    Source: firefox.exe, 0000000E.00000003.2146879578.0000022A17E09000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2144408520.0000022A17E15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000E.00000003.2287742743.0000022A221BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A221BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
    Source: places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
    Source: firefox.exe, 0000000E.00000003.2309074087.0000022A18EA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275289222.0000022A18EA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2305892338.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23164000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.14.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2338796784.0000022A17BF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
    Source: firefox.exe, 0000000E.00000003.2282011450.000008D2F5A03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Z
    Source: firefox.exe, 0000000E.00000003.2309074087.0000022A18EA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275289222.0000022A18EA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 0000000E.00000003.2338796784.0000022A17BF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
    Source: firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000013.00000002.3921272144.000001B7D69F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/:
    Source: firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000E.00000003.2331563624.0000022A1F291000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2298178541.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.14.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/Z
    Source: firefox.exe, 0000000E.00000003.2336846338.0000022A182B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2287662115.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305892338.0000022A23140000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212502316.0000022A1857B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2330194897.0000022A2313C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 0000000E.00000003.2265212619.0000022A1F549000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D690C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Z
    Source: firefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB59000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297667321.0000022A1F4B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000E.00000003.2299209445.0000022A1AB7E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB7E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.14.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000011.00000002.3922177760.0000013B1B0F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.co
    Source: firefox.exe, 00000013.00000002.3923470271.000001B7D6A60000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.cocgZ
    Source: firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3920087447.000002395560A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3920087447.0000023955600000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923950707.0000023955A74000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3920766193.0000013B1AF5A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3920766193.0000013B1AF50000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922177760.0000013B1B0F4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3920709216.000001B7D66D0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923470271.000001B7D6A64000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3920709216.000001B7D66DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000C.00000002.2099358592.0000022CE8D77000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2109030788.0000022A097F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: random.exe, 00000000.00000002.2145338382.0000000001163000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd3l
    Source: firefox.exe, 0000000E.00000003.2325974140.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2312056237.0000022A16CEA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3920087447.0000023955600000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.3923950707.0000023955A74000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3920766193.0000013B1AF50000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922177760.0000013B1B0F4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3920709216.000001B7D66D0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923470271.000001B7D6A64000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54177 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54333
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54332
    Source: unknownNetwork traffic detected: HTTP traffic on port 54330 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54078 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54333 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54164 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54170 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
    Source: unknownNetwork traffic detected: HTTP traffic on port 54323 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 54084 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
    Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54078
    Source: unknownNetwork traffic detected: HTTP traffic on port 54163 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54110
    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
    Source: unknownNetwork traffic detected: HTTP traffic on port 54173 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54191
    Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
    Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54110 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54169 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54332 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54162
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54084
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54083
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54082
    Source: unknownNetwork traffic detected: HTTP traffic on port 54191 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54162 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54164
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54163
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownNetwork traffic detected: HTTP traffic on port 54172 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
    Source: unknownNetwork traffic detected: HTTP traffic on port 54329 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
    Source: unknownNetwork traffic detected: HTTP traffic on port 54082 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
    Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54329
    Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54169
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54323
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54173
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54172
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54171
    Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54170
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54177
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54330
    Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54171 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 54083 -> 443
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49717 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49719 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.5:49724 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:49734 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54082 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54083 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54162 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:54163 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.65.91:443 -> 192.168.2.5:54164 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54173 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54172 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.5:54171 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.5:54177 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54329 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.5:54330 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0061EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,0_2_0061ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,0_2_0061EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,0_2_0060AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00639576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,0_2_00639576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000000.00000002.2143479257.0000000000662000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_8ace024f-c
    Source: random.exe, 00000000.00000002.2143479257.0000000000662000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_31c781b9-0
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_9e1e01fb-e
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_11cd2750-b
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B8621F2 NtQuerySystemInformation,17_2_0000013B1B8621F2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B868AF7 NtQuerySystemInformation,17_2_0000013B1B868AF7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D5EB: CreateFileW,DeviceIoControl,CloseHandle,0_2_0060D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00601201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00601201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,0_2_0060E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005ABF400_2_005ABF40
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006120460_2_00612046
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A80600_2_005A8060
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006082980_2_00608298
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005DE4FF0_2_005DE4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D676B0_2_005D676B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006348730_2_00634873
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005ACAF00_2_005ACAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005CCAA00_2_005CCAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BCC390_2_005BCC39
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D6DD90_2_005D6DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BB1190_2_005BB119
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A91C00_2_005A91C0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C13940_2_005C1394
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C17060_2_005C1706
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C781B0_2_005C781B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005B997D0_2_005B997D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A79200_2_005A7920
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C19B00_2_005C19B0
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C7A4A0_2_005C7A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C1C770_2_005C1C77
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C7CA70_2_005C7CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0062BE440_2_0062BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D9EEE0_2_005D9EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C1F320_2_005C1F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B8621F217_2_0000013B1B8621F2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B868AF717_2_0000013B1B868AF7
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B86291C17_2_0000013B1B86291C
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B86223217_2_0000013B1B862232
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 005A9CB3 appears 31 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 005C0A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 005BF9F2 appears 40 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@34/39@77/14
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006137B5 GetLastError,FormatMessageW,0_2_006137B5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006010BF AdjustTokenPrivileges,CloseHandle,0_2_006010BF
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006016C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,0_2_006016C3
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006151CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,0_2_006151CD
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_0060D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,0_2_0061648E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A42A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,0_2_005A42A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6348:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3176:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3680:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6564:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7032:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000E.00000003.2262080100.0000022A23164000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000E.00000003.2261837370.0000022A232E1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeVirustotal: Detection: 31%
    Source: random.exeReversingLabs: Detection: 29%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2184 -parentBuildID 20230927232528 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4462b6ba-8661-4864-b08d-51ab7b5f4cf6} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a0736df10 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4140 -parentBuildID 20230927232528 -prefsHandle 3976 -prefMapHandle 3888 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86938175-9509-4ff7-a417-23325ed0359c} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a197d8b10 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5028 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {759d927b-34cc-45ee-91d7-b87fecc7d62f} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a2323f910 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2184 -parentBuildID 20230927232528 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4462b6ba-8661-4864-b08d-51ab7b5f4cf6} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a0736df10 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4140 -parentBuildID 20230927232528 -prefsHandle 3976 -prefMapHandle 3888 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86938175-9509-4ff7-a417-23325ed0359c} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a197d8b10 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5028 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {759d927b-34cc-45ee-91d7-b87fecc7d62f} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a2323f910 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000E.00000003.2325039916.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324514321.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000E.00000003.2324958752.0000022A16D31000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000E.00000003.2325039916.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2324514321.0000022A16D10000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdb source: firefox.exe, 0000000E.00000003.2323705491.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.14.dr
    Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: firefox.exe, 0000000E.00000003.2321086774.0000022A18963000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdbUGP source: firefox.exe, 0000000E.00000003.2324958752.0000022A16D31000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: netprofm.pdbUGP source: firefox.exe, 0000000E.00000003.2323705491.0000022A16D19000.00000004.00000020.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005A42DE
    Source: gmpopenh264.dll.tmp.14.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C0A76 push ecx; ret 0_2_005C0A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005BF98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,0_2_005BF98E
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00631C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,0_2_00631C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_0-95873
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B8621F2 rdtsc 17_2_0000013B1B8621F2
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,0_2_0060DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005DC2A2 FindFirstFileExW,0_2_005DC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006168EE FindFirstFileW,FindClose,0_2_006168EE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,0_2_0061698F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0060D076
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,0_2_0060D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00619642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_00619642
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,0_2_0061979D
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00619B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,0_2_00619B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00615C97 FindFirstFileW,FindNextFileW,FindClose,0_2_00615C97
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005A42DE
    Source: firefox.exe, 00000010.00000002.3924699190.0000023955F40000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllX
    Source: firefox.exe, 00000010.00000002.3924699190.0000023955F40000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW,
    Source: firefox.exe, 00000010.00000002.3920087447.000002395560A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWP
    Source: firefox.exe, 00000013.00000002.3920709216.000001B7D66DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp*
    Source: firefox.exe, 00000010.00000002.3920087447.000002395560A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3920766193.0000013B1AF5A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3924755319.0000013B1B760000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923673472.000001B7D6A70000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000010.00000002.3924238969.0000023955B1C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: firefox.exe, 00000010.00000002.3924699190.0000023955F40000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3924755319.0000013B1B760000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 17_2_0000013B1B8621F2 rdtsc 17_2_0000013B1B8621F2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0061EAA2 BlockInput,0_2_0061EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005D2622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005A42DE
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C4CE8 mov eax, dword ptr fs:[00000030h]0_2_005C4CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00600B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00600B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005D2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005D2622
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_005C083F
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C09D5 SetUnhandledExceptionFilter,0_2_005C09D5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C0C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_005C0C21
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00601201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,0_2_00601201
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005E2BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,0_2_005E2BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_0060B226 SendInput,keybd_event,0_2_0060B226
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_006222DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,0_2_006222DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00600B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,0_2_00600B62
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00601663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,0_2_00601663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005C0698 cpuid 0_2_005C0698
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005FD21C GetLocalTime,0_2_005FD21C
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005FD27A GetUserNameW,0_2_005FD27A
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005DB952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,0_2_005DB952
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_005A42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,0_2_005A42DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 5276, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 5276, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00621204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,0_2_00621204
    Source: C:\Users\user\Desktop\random.exeCode function: 0_2_00621806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,0_2_00621806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
    Extra Window Memory Injection    		3
    Obfuscated Files or Information    		Security Account Manager2
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1613652 Sample: random.exe Startdate: 12/02/2025 Architecture: WINDOWS Score: 76 45 youtube.com 2->45 47 youtube-ui.l.google.com 2->47 49 38 other IPs or domains 2->49 57 Antivirus / Scanner detection for submitted sample 2->57 59 Multi AV Scanner detection for submitted file 2->59 61 Yara detected Credential Flusher 2->61 63 2 other signatures 2->63 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        signatures3 process4 signatures5 65 Binary is likely a compiled AutoIt script file 8->65 67 Found API chain indicative of sandbox detection 8->67 13 taskkill.exe 1 8->13         started        15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        23 3 other processes 8->23 19 firefox.exe 3 234 11->19         started        process6 dnsIp7 25 conhost.exe 13->25         started        27 conhost.exe 15->27         started        29 conhost.exe 17->29         started        51 youtube.com 142.250.185.110, 443, 49711, 49712 GOOGLEUS United States 19->51 53 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49713, 49720, 49722 GOOGLEUS United States 19->53 55 12 other IPs or domains 19->55 41 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 19->41 dropped 43 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 19->43 dropped 31 firefox.exe 1 19->31         started        33 firefox.exe 1 19->33         started        35 firefox.exe 1 19->35         started        37 conhost.exe 23->37         started        39 conhost.exe 23->39         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe32%VirustotalBrowse
    random.exe30%ReversingLabsWin32.Ransomware.Generic
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%VirustotalBrowse
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%VirustotalBrowse

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    No Antivirus matches

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		96.7.128.192
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.253.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.129
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		52.35.181.117
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.65.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		142.250.185.110
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.59
                              		truefalse
                                		high
                                youtube-ui.l.google.com
                                		142.250.185.238
                                		truefalse
                                  		high
                                  us-west1.prod.sumo.prod.webservices.mozgcp.net
                                  		34.149.128.2
                                  		truefalse
                                    		high
                                    reddit.map.fastly.net
                                    		151.101.193.140
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.170
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000000E.00000003.2307601200.0000022A197D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                            		high
                                                                            https://datastudio.google.com/embed/reporting/firefox.exe, 0000000E.00000003.2294039364.0000022A16F42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2304599649.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212567727.0000022A18571000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2310087880.0000022A17DA0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335592243.0000022A18F82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2307861227.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2274236755.0000022A18F6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2279096895.0000022A173B3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://www.mozilla.com0gmpopenh264.dll.tmp.14.drfalse
                                                                                		high
                                                                                https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2135491428.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                    		high
                                                                                    https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000011.00000002.3922659622.0000013B1B286000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D698F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.leboncoin.fr/firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://spocs.getpocket.com/spocsfirefox.exe, 0000000E.00000003.2338704876.0000022A17C6F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://shavar.services.mozilla.comfirefox.exe, 0000000E.00000003.2315624175.0000022A1ABDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2299209445.0000022A1ABDC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://completion.amazon.com/search/complete?q=firefox.exe, 0000000E.00000003.2265820517.0000022A1F42D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000E.00000003.2305292099.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262080100.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2313347863.0000022A23190000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://monitor.firefox.com/breach-details/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2116117838.0000022A16F81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://www.msn.comfirefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://mozilla.org/0firefox.exe, 0000000E.00000003.2282277319.00000B7E96403000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000E.00000003.2115696891.0000022A16F1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115570127.0000022A17200000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115826633.0000022A16F3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2115965798.0000022A16F60000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://youtube.com/firefox.exe, 0000000E.00000003.2299209445.0000022A1AB7E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB7E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000E.00000003.2317427753.0000022A19B98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://api.accounts.firefox.com/v1firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.amazon.com/firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2firefox.exe, 0000000E.00000003.2274692832.0000022A18F46000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  http://ocsp.rootca1.amazontrust.com0:firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://www.youtube.com/firefox.exe, 0000000E.00000003.2265212619.0000022A1F549000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314808187.0000022A1F595000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D690C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://www.bbc.co.uk/firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000000E.00000003.2268818555.0000022A1F263000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D69C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://127.0.0.1:firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000E.00000003.2224498043.0000022A187BD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://bugzilla.mofirefox.exe, 0000000E.00000003.2294844402.0000022A23190000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://mitmdetection.services.mozilla.com/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://amazon.comfirefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000E.00000003.2303203736.0000022A190C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://youtube.com/account?=recovery.jsonlz4.tmp.14.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://shavar.services.mozilla.com/firefox.exe, 0000000E.00000003.2274854561.0000022A18F30000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBLfirefox.exe, 0000000E.00000003.2337618944.0000022A17FA8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&reffirefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477firefox.exe, 00000010.00000002.3921555871.00000239559CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B2E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3923836116.000001B7D6C03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.14.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000E.00000003.2306292916.0000022A2134A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://spocs.getpocket.com/firefox.exe, 0000000E.00000003.2338704876.0000022A17C6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.3922659622.0000013B1B212000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.iqiyi.com/firefox.exe, 0000000E.00000003.2140203740.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2296677027.0000022A1F592000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2264761924.0000022A1F56B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2314715346.0000022A1F59F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://youtube.com/account?=https://accounts.google.cofirefox.exe, 00000011.00000002.3922177760.0000013B1B0F0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://support.mozilla.org/products/firefoxgro.allizom.troppus.places.sqlite-wal.14.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://www.amazon.com/Zfirefox.exe, 0000000E.00000003.2282150555.0000185024903000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://spocs.getpocket.com/CN=Thefirefox.exe, 00000013.00000002.3921272144.000001B7D6913000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000E.00000003.2270433385.0000022A1F053000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiprefs-1.js.14.drfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://monitor.firefox.com/user/dashboardfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://monitor.firefox.com/aboutfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  http://mozilla.org/MPL/2.0/.firefox.exe, 0000000E.00000003.2224498043.0000022A187D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2171790435.0000022A185E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2253452361.0000022A186C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2335143494.0000022A199D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2207243147.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2282897596.0000022A18A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2220993714.0000022A185E9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2122934480.0000022A177C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2121785394.0000022A177D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2254569659.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2239921732.0000022A177C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2120954258.0000022A186EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2334467328.0000022A19F89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2224498043.0000022A187B8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2142233199.0000022A1F0D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2141756482.0000022A1F49D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283557330.0000022A188C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2247449759.0000022A18A39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2283791972.0000022A18869000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2271507050.0000022A1AAC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2284846647.0000022A188EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://account.bellmedia.cfirefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://youtube.com/firefox.exe, 0000000E.00000003.2264761924.0000022A1F557000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2153861305.0000022A1F555000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://login.microsoftonline.comfirefox.exe, 0000000E.00000003.2299209445.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2332390588.0000022A1AB93000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://coverage.mozilla.orgfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.14.drfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              http://x1.c.lencr.org/0firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                http://x1.i.lencr.org/0firefox.exe, 0000000E.00000003.2338254869.0000022A17CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2261940609.0000022A231EC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000E.00000003.2265820517.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2297194502.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2159586620.0000022A1F4F9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000E.00000003.2136913609.0000022A1F13B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://blocked.cdn.mozilla.net/firefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          http://developer.mozilla.org/en/docs/DOM:element.addEventListenerfirefox.exe, 0000000E.00000003.2269566233.0000022A1F0E1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://duckduckgo.com/?t=ffab&q=firefox.exe, 0000000E.00000003.2153861305.0000022A1F535000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://profiler.firefox.comfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://identity.mozilla.com/apps/relayfirefox.exe, 0000000E.00000003.2308679812.0000022A18EF3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2275108688.0000022A18EF3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 00000010.00000002.3923839792.0000023955A20000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000011.00000002.3921273250.0000013B1B0A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.3920954531.000001B7D6710000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000E.00000003.2334189753.0000022A19FB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2315918411.0000022A19FAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://bugzilla.mozilla.org/show_bug.cgi?id=1678448firefox.exe, 0000000E.00000003.2212994932.0000022A1862B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2212849796.0000022A18617000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2211410092.0000022A18606000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://mail.yahoo.co.jp/compose/?To=%sfirefox.exe, 0000000E.00000003.2120217731.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2288780124.0000022A1707F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2277225244.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241394832.0000022A17073000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2241051173.0000022A171DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2291747688.0000022A1707F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                                            https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/firefox.exe, 0000000E.00000003.2311437224.0000022A22181000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000003.2262634600.0000022A22166000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                              		high

                                                                                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                              2.22.61.59
                                                                                                                                                                                                                                                                              		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                              34.149.100.209
                                                                                                                                                                                                                                                                              		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              142.250.185.110
                                                                                                                                                                                                                                                                              		youtube.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.107.243.93
                                                                                                                                                                                                                                                                              		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              151.101.65.91
                                                                                                                                                                                                                                                                              		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                              		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                              34.107.221.82
                                                                                                                                                                                                                                                                              		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              52.35.181.117
                                                                                                                                                                                                                                                                              		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                              35.244.181.201
                                                                                                                                                                                                                                                                              		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.49.51.44
                                                                                                                                                                                                                                                                              		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.117.188.166
                                                                                                                                                                                                                                                                              		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                              35.190.72.216
                                                                                                                                                                                                                                                                              		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.160.144.191
                                                                                                                                                                                                                                                                              		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.120.208.123
                                                                                                                                                                                                                                                                              		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                              Private

                                                                                                                                                                                                                                                                              IP
                                                                                                                                                                                                                                                                              127.0.0.1

                                                                                                                                                                                                                                                                              General Information

                                                                                                                                                                                                                                                                              Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                              Analysis ID:1613652
                                                                                                                                                                                                                                                                              Start date and time:2025-02-12 22:03:36 +01:00
                                                                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                              Overall analysis duration:0h 7m 46s
                                                                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                              Run name:Run with higher sleep bypass
                                                                                                                                                                                                                                                                              Number of analysed new started processes analysed:21
                                                                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                              Sample name:random.exe
                                                                                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                                                                                              Classification:mal76.troj.evad.winEXE@34/39@77/14
                                                                                                                                                                                                                                                                              EGA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 40%
                                                                                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 96%
                                                                                                                                                                                                                                                                              • Number of executed functions: 50
                                                                                                                                                                                                                                                                              • Number of non-executed functions: 286
                                                                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                                                                              • Found application associated with file extension: .exe
                                                                                                                                                                                                                                                                              • Sleeps bigger than 100000000ms are automatically reduced to 1000ms
                                                                                                                                                                                                                                                                              • Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

                                                                                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 142.250.181.234, 142.250.184.234, 142.250.184.206, 142.250.181.238, 2.19.106.160, 13.107.246.45, 20.12.23.50, 20.109.210.53
                                                                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, ocsp.digicert.com, redirector.gvt1.com, otelrules.azureedge.net, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, safebrowsing.googleapis.com, aus5.mozilla.org, location.services.mozilla.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                                                                              • Execution Graph export aborted for target firefox.exe, PID 6160 because there are no executed function
                                                                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                              Simulations

                                                                                                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                                                                                                              No simulations

                                                                                                                                                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                                                                                                                                                              IPs

                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                              2.22.61.59random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                              • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                              34.149.100.209https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                          c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                            4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                151.101.65.91https://hopp.bio/universeglobalcentGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                    https://jarqiull.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      http://facebooksafety23.wixsite.com/verifyGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        http://mww1761.wixsite.com/my-site-1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          http://coinbasecomlogiin.wixsite.com/coinbasecomloginGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            http://krienkekiim.wixsite.com/my-site-2Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                              http://flowto.it/eVqmHdTP1QGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                    52.35.181.117https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                          c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, LummaC Stealer, Stealc, VidarBrowse

                                                                                                                                                                                                                                                                                                                            Domains

                                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                            twitter.comhttps://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 104.244.42.65
                                                                                                                                                                                                                                                                                                                            http://t.co/ievAFoVb9IGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 104.244.42.129
                                                                                                                                                                                                                                                                                                                            example.orghttps://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                                            YWih6T9PUp.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.133
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 96.7.128.186
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.133
                                                                                                                                                                                                                                                                                                                            HEnpMb8iZs.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, PureLog Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                            • 23.215.0.132
                                                                                                                                                                                                                                                                                                                            c3QebhWPbe.exeGet hashmaliciousAmadey, GCleaner, Healer AV Disabler, KeyLogger, LummaC Stealer, Stealc, StormKittyBrowse
                                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                                            4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 96.7.128.192
                                                                                                                                                                                                                                                                                                                            star-mini.c10r.facebook.comhttps://s3.eu-north-1.amazonaws.com/eu-north-1.console.aws.amazon.comsilme/chisomailerlogger.html#cwvmanager@glm.caGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.252.35
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.253.35
                                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzU1JnMyPTkwNTI3Njc0JnMzPUdMQg==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.0.35
                                                                                                                                                                                                                                                                                                                            https://missbaker.be/fr/Get hashmaliciousCAPTCHA Scam ClickFix, PhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                                            https://www.theintentionaliep.com/product/digital-special-education/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                                            http://projectlombok.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.0.35
                                                                                                                                                                                                                                                                                                                            https://gmiinlogin.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.251.35
                                                                                                                                                                                                                                                                                                                            https://gememeinlogin.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.253.35
                                                                                                                                                                                                                                                                                                                            https://geimipllogin.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 157.240.251.35

                                                                                                                                                                                                                                                                                                                            ASNs

                                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                            FASTLYUShttps://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://www.smallx2.com/baby-duck&ved=2ahUKEwjXsovogb2LAxXySzABHVIWGVIQFnoECBQQAQ&usg=AOvVaw0HBOjB2vDfbkorqhvx25T6Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.194.137
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousAmadey, LummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                            • 185.199.110.133
                                                                                                                                                                                                                                                                                                                            MFA Setup Guide.pdf.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.194.137
                                                                                                                                                                                                                                                                                                                            https://s3.eu-north-1.amazonaws.com/eu-north-1.console.aws.amazon.comsilme/chisomailerlogger.html#cwvmanager@glm.caGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.65.229
                                                                                                                                                                                                                                                                                                                            http://rfsfwh5lvh.imerivilen.shopGet hashmaliciousEvilProxy, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.129.229
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.1.91
                                                                                                                                                                                                                                                                                                                            Calendly_x86_64Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.195.6
                                                                                                                                                                                                                                                                                                                            http://rfsfwh5lvh.imerivilen.shopGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.65.229
                                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzQ3JnMyPTM0ODY1OTg4MCZzMz1HTEI=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 151.101.2.217
                                                                                                                                                                                                                                                                                                                            AMAZON-02USSecuriteInfo.com.Linux.Siggen.8345.11332.25709.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 54.171.230.55
                                                                                                                                                                                                                                                                                                                            https://www.evalandgo.com/f/253677/4pz9AChuogX4SvAKtm9JuqGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 15.237.12.71
                                                                                                                                                                                                                                                                                                                            https://sticeaty.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 3.130.72.53
                                                                                                                                                                                                                                                                                                                            https://s3.eu-north-1.amazonaws.com/eu-north-1.console.aws.amazon.comsilme/chisomailerlogger.html#cwvmanager@glm.caGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 52.95.171.53
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 52.35.181.117
                                                                                                                                                                                                                                                                                                                            us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                            • 108.138.106.21
                                                                                                                                                                                                                                                                                                                            Please Complete Contracts 06884 (8.48 KB).msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 18.223.103.208
                                                                                                                                                                                                                                                                                                                            report.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 18.244.20.109
                                                                                                                                                                                                                                                                                                                            feOSwB7iCi.exeGet hashmaliciousAteraAgentBrowse
                                                                                                                                                                                                                                                                                                                            • 35.157.63.229
                                                                                                                                                                                                                                                                                                                            AKAMAI-ASN1EUhttps://www.evalandgo.com/f/253677/4pz9AChuogX4SvAKtm9JuqGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 172.233.115.184
                                                                                                                                                                                                                                                                                                                            https://s3.eu-north-1.amazonaws.com/eu-north-1.console.aws.amazon.comsilme/chisomailerlogger.html#cwvmanager@glm.caGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 72.247.153.217
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 2.22.61.56
                                                                                                                                                                                                                                                                                                                            us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                            • 23.44.203.76
                                                                                                                                                                                                                                                                                                                            report.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 88.221.110.169
                                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzQ3JnMyPTM0ODY1OTg4MCZzMz1HTEI=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 88.221.110.128
                                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzU1JnMyPTkwNTI3Njc0JnMzPUdMQg==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 2.16.168.13
                                                                                                                                                                                                                                                                                                                            jade.arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                            • 95.100.100.161
                                                                                                                                                                                                                                                                                                                            5483691287.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            • 95.101.182.65
                                                                                                                                                                                                                                                                                                                            ATGS-MMD-ASUShttps://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 34.170.181.9
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/b5t38nspjZGSE4n8ZbboEA~~/AAOtGhA~/67VZjvLZTObgBenByL0_rAbx6JtY0Q8SebFkuZjfd15WCdnP8FJWgO862cOsFew4QgMf6lgl-QZKrhGleyG8aaM87gPCaY4Wb8wLLFgVtFlXHuw4HJZCKDA_8W_RMpQe7Omz9HwtgDV69tVTC5eqbwYD74IllH7NNpbb40BxonKdtPZl-pn0qyT-Ch24PWMXFtr2Ja3LpQxuOiYH8Mw_rwM8OUI0LFB36NwNoyS8V__8SXZ5sCt7DCynuMYv1_ksGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 34.170.181.9
                                                                                                                                                                                                                                                                                                                            https://click.email.active.com/f/a/bVF0Ba7CFZU7G3aNanGG0w~~/AAOtGhA~/67VZjvLZTObgBenByL0_rAbx6JtY0Q8SebFkuZjfd15WCdnP8FJWgO862cOsFew4QgMf6lgl-QZKrhGleyG8aaM87gPCaY4Wb8wLLFgVtFmILzRmUSLx3U3rX9POT2oWknlv9yXJuKkpqC-Ul6x3YsUHUYXkRu7PM9j0RTxSyLY9ik0n3nEkVVv0snv3cN1E-TgrMUopk9F5q1DAtRYfMvhh_2q2I2FeXElrd5XKF2RAqwnLuY_4KebtO_D9-7W6Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 34.170.181.9
                                                                                                                                                                                                                                                                                                                            https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzU1JnMyPTkwNTI3Njc0JnMzPUdMQg==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            • 34.144.212.59
                                                                                                                                                                                                                                                                                                                            jade.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                            • 34.165.41.60
                                                                                                                                                                                                                                                                                                                            jade.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                            • 57.231.210.58
                                                                                                                                                                                                                                                                                                                            jade.spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                            • 62.200.238.57
                                                                                                                                                                                                                                                                                                                            https://cloudgate.digitalshrill.com/c/pokhhtfeGet hashmaliciousHackBrowserBrowse
                                                                                                                                                                                                                                                                                                                            • 34.160.111.145
                                                                                                                                                                                                                                                                                                                            Fantazy.spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                            • 51.98.239.238

                                                                                                                                                                                                                                                                                                                            JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                            fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                            • 35.244.181.201
                                                                                                                                                                                                                                                                                                                            • 34.149.100.209
                                                                                                                                                                                                                                                                                                                            • 34.160.144.191
                                                                                                                                                                                                                                                                                                                            • 151.101.65.91
                                                                                                                                                                                                                                                                                                                            • 34.120.208.123

                                                                                                                                                                                                                                                                                                                            Dropped Files

                                                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmppx4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                    4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                      4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_d00f6d45-f27e-4fc5-aac1-ec84d30f6dc0.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.180142066426954
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:dKMX+4rtbhbVbTbfbRbObtbyEl7nIrzJA6wnSrDtTkd/S+:dPLtNhnzFSJorKjnSrDhkd/r
                                                                                                                                                                                                                                                                                                                                                                MD5:0F39C0C3C6C066EC0BFB33A70EDE13FA
                                                                                                                                                                                                                                                                                                                                                                SHA1:86BCFE06E529510780045103C5272FFA410079E2
                                                                                                                                                                                                                                                                                                                                                                SHA-256:2E0402375E987818203CE7AB942FA4A34993FCA04CCB7FFB036C6DAE15AF3A9D
                                                                                                                                                                                                                                                                                                                                                                SHA-512:2CFE3C7FB3E2FE4C15C00492E0A972447DEC277C59F20AB1538FBD7894AC5DBB86F79701C12D31D46BB811F8308178E986F34AB27DF2A1E1C20AF24545882052
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"type":"uninstall","id":"d00f6d45-f27e-4fc5-aac1-ec84d30f6dc0","creationDate":"2025-02-12T22:53:03.790Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_d00f6d45-f27e-4fc5-aac1-ec84d30f6dc0.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):7813
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.180142066426954
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:dKMX+4rtbhbVbTbfbRbObtbyEl7nIrzJA6wnSrDtTkd/S+:dPLtNhnzFSJorKjnSrDhkd/r
                                                                                                                                                                                                                                                                                                                                                                MD5:0F39C0C3C6C066EC0BFB33A70EDE13FA
                                                                                                                                                                                                                                                                                                                                                                SHA1:86BCFE06E529510780045103C5272FFA410079E2
                                                                                                                                                                                                                                                                                                                                                                SHA-256:2E0402375E987818203CE7AB942FA4A34993FCA04CCB7FFB036C6DAE15AF3A9D
                                                                                                                                                                                                                                                                                                                                                                SHA-512:2CFE3C7FB3E2FE4C15C00492E0A972447DEC277C59F20AB1538FBD7894AC5DBB86F79701C12D31D46BB811F8308178E986F34AB27DF2A1E1C20AF24545882052
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"type":"uninstall","id":"d00f6d45-f27e-4fc5-aac1-ec84d30f6dc0","creationDate":"2025-02-12T22:53:03.790Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"1fca7bd2-7b44-4c45-b0ea-e0486850ce95","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\v6zchhhv.default-release\jumpListCache\pV+3TL7Nu3EP5juvr_gPjg==.ico

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows icon resource - 1 icon, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 24 bits/pixel
                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):490
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.246483341090937
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:l8v/7J2T+gwjz+vdzLSMO9mj253UT3BcHXhJo:82CgwS//O91iT3BUXh6
                                                                                                                                                                                                                                                                                                                                                                MD5:BD9751DFFFEFFA2154CC5913489ED58C
                                                                                                                                                                                                                                                                                                                                                                SHA1:1C9230053C45CA44883103A6ACFDF49AC53ABF45
                                                                                                                                                                                                                                                                                                                                                                SHA-256:834C4F18E96CFDAA395246183DE76032F1B77886764CEEBE52F6A146FA4D4C3B
                                                                                                                                                                                                                                                                                                                                                                SHA-512:01072F60F4B2489BB84639A6179A82A3EA90A31C1AD61D30EF27800C3114DB5E45662583E1C0B5382F51635DC14372EFC71DCD069999D6B21A5D256C70697790
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:.......................PNG........IHDR................a....IDAT8O...1P......p....d1.....v)......p.nXM.t.H.(.......B$..}_G.{.......:uN...=......s|.$...`0.....dl6.>>>p.\.v;z.......F.a:.2..D.V.....V..n...g.z.X..C...v.......=.H..d..P*...i.."...X,.B...h...xyy.V....I$..J%r....6....Z-:...P..J..........|>'...P.\&.....l6....N5...Z.x<.....h.z..'@...L&.F..'.Jq<...m6.OOO.....$..r:.......v..V..ze.\.p.R..t.Z.....r...B...3.B..0...T*E".p8.D0..`2.D.j...h..n...wF...........#......O....IEND.B`.

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                                                MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                                                SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                                                SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                                                SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                                                MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                                                SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                                                SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                                                SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.3082799487363714
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:VwdfAIAjdTIUx2dWoM15+LN8zmYwdfAIAjdswM+bpoqdWoM15+LFX1RgmWwdfAIb:Vwdq2UgdwLzXwdqm6BdwNlwdqGadwP1
                                                                                                                                                                                                                                                                                                                                                                MD5:E3F9B77A6D061EABFFD50AA7B51776B3
                                                                                                                                                                                                                                                                                                                                                                SHA1:E112A599B4C8EC837579C88CA6C0C9C151D56303
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F25BC88D042E4DB1097917D960AC68A8814BB178289BF1567A6C3D3C7F1A6231
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B0C2DE14F49CAC9650F72989A1B9BAF4D32021C81FC835C55AE86BFCCF0F4EF1BBD5ABD74B0B68258A8D79F29FABE6DD8CECA55C8175DD3286AA95EF261A56C5
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ...p.......'K...}..........S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.ILZ......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WLZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WLZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z...........Z..|.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\4XYVP1VFFLDL4TUYLL3Q.temp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.3082799487363714
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:VwdfAIAjdTIUx2dWoM15+LN8zmYwdfAIAjdswM+bpoqdWoM15+LFX1RgmWwdfAIb:Vwdq2UgdwLzXwdqm6BdwNlwdqGadwP1
                                                                                                                                                                                                                                                                                                                                                                MD5:E3F9B77A6D061EABFFD50AA7B51776B3
                                                                                                                                                                                                                                                                                                                                                                SHA1:E112A599B4C8EC837579C88CA6C0C9C151D56303
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F25BC88D042E4DB1097917D960AC68A8814BB178289BF1567A6C3D3C7F1A6231
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B0C2DE14F49CAC9650F72989A1B9BAF4D32021C81FC835C55AE86BFCCF0F4EF1BBD5ABD74B0B68258A8D79F29FABE6DD8CECA55C8175DD3286AA95EF261A56C5
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ...p.......'K...}..........S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.ILZ......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WLZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WLZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z...........Z..|.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.3082799487363714
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:VwdfAIAjdTIUx2dWoM15+LN8zmYwdfAIAjdswM+bpoqdWoM15+LFX1RgmWwdfAIb:Vwdq2UgdwLzXwdqm6BdwNlwdqGadwP1
                                                                                                                                                                                                                                                                                                                                                                MD5:E3F9B77A6D061EABFFD50AA7B51776B3
                                                                                                                                                                                                                                                                                                                                                                SHA1:E112A599B4C8EC837579C88CA6C0C9C151D56303
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F25BC88D042E4DB1097917D960AC68A8814BB178289BF1567A6C3D3C7F1A6231
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B0C2DE14F49CAC9650F72989A1B9BAF4D32021C81FC835C55AE86BFCCF0F4EF1BBD5ABD74B0B68258A8D79F29FABE6DD8CECA55C8175DD3286AA95EF261A56C5
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ...p.......'K...}..........S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.ILZ......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WLZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WLZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z...........Z..|.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\DEOFKVQ2N4P49OWB7GKV.temp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5488
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.3082799487363714
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:VwdfAIAjdTIUx2dWoM15+LN8zmYwdfAIAjdswM+bpoqdWoM15+LFX1RgmWwdfAIb:Vwdq2UgdwLzXwdqm6BdwNlwdqGadwP1
                                                                                                                                                                                                                                                                                                                                                                MD5:E3F9B77A6D061EABFFD50AA7B51776B3
                                                                                                                                                                                                                                                                                                                                                                SHA1:E112A599B4C8EC837579C88CA6C0C9C151D56303
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F25BC88D042E4DB1097917D960AC68A8814BB178289BF1567A6C3D3C7F1A6231
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B0C2DE14F49CAC9650F72989A1B9BAF4D32021C81FC835C55AE86BFCCF0F4EF1BBD5ABD74B0B68258A8D79F29FABE6DD8CECA55C8175DD3286AA95EF261A56C5
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ...p.......'K...}..........S...........................P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.ILZ......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....h.1.....CW.X..MOZILL~1..P......CW}WLZ..............................>.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.....b.2..S..<W,. .firefox.exe.H......CW}WLZ................................f.i.r.e.f.o.x...e.x.e.......[...............-.......Z...........Z..|.....C:\Program Files\Mozilla Firefox\firefox.exe....O.p.e.n. .a. .n.e.w. .b.r.o.w.s.e.r. .t.a.b.....-.n.e.w.-.t.a.b. .a.b.o.u.t.:.b.l.a.n.k.,.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.M.o.z.i.l.l.a. .F.i.r.e.f.o.x.\.f.i.r.e.f.o.x...e.x.e.........%ProgramFiles%\Mozilla Firefox\firefox.exe................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.927609473251976
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakNU9Sxeln:8S+OVPUFRbOdwNIOdYpjvY1Q6LLk8P
                                                                                                                                                                                                                                                                                                                                                                MD5:8673553F42B679E956A86CE8799C8D78
                                                                                                                                                                                                                                                                                                                                                                SHA1:EF2DE9C46D848426B6981413CCC8F56F6C137203
                                                                                                                                                                                                                                                                                                                                                                SHA-256:DF0759D7E5B6120872FC2509481B271E969DA8F8AB3E5042C8245D94133B722E
                                                                                                                                                                                                                                                                                                                                                                SHA-512:73501E6E8AD7E5753895B2A123755B141CC45181A38BD4ABC8B81ED1BF8141B8898736E6FA8B7007279FA250A2F2A76DDEA375461860E5927AA7A4A43A8277F2
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.927609473251976
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:YnSwkmrOVPUFRbOdwNIOdoWLEWLtkDZuwpx5FBvipA6kb92the6LuhakNU9Sxeln:8S+OVPUFRbOdwNIOdYpjvY1Q6LLk8P
                                                                                                                                                                                                                                                                                                                                                                MD5:8673553F42B679E956A86CE8799C8D78
                                                                                                                                                                                                                                                                                                                                                                SHA1:EF2DE9C46D848426B6981413CCC8F56F6C137203
                                                                                                                                                                                                                                                                                                                                                                SHA-256:DF0759D7E5B6120872FC2509481B271E969DA8F8AB3E5042C8245D94133B722E
                                                                                                                                                                                                                                                                                                                                                                SHA-512:73501E6E8AD7E5753895B2A123755B141CC45181A38BD4ABC8B81ED1BF8141B8898736E6FA8B7007279FA250A2F2A76DDEA375461860E5927AA7A4A43A8277F2
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"3ba649bc-be47-4b92-8762-21cab57bda3b","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-04T13:40:33.697Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                                                MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                                                SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                                                SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                                                SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 22422 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5308
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.599374203470186
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:z2YbKsKNU2xWrp327tGmD4wBON6h6cHAHJVauvjZHjkTymdS1/qTMg6Uhm:zTx2x2t0FDJ4NpkuvjdeplTMohm
                                                                                                                                                                                                                                                                                                                                                                MD5:EB56C2F4DA9435F3D5574161F414CD17
                                                                                                                                                                                                                                                                                                                                                                SHA1:74A8FC3EC0559740FD9D835B638354985E2DEAB6
                                                                                                                                                                                                                                                                                                                                                                SHA-256:394E803D5FF8E156DFA7D15E96B51A683F4624A1BCF88EAA532399AC2C9B0966
                                                                                                                                                                                                                                                                                                                                                                SHA-512:DF90568D191C757392FB85BDDA5333C7FE7E3BB370C5DE8C50DD810B938D732E39B5608FB4494CAADAE99E1601989FDFC0FEBDCF70F27FFE581F904170A81E0F
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40..W....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                                MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                                SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                                SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                                MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                                SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                                SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                                                MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                                                SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                                                SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                                                SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                                MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                                SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                                SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                                SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                                MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                                SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                                SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                                SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                                                MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                                                SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                                                SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                                                SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1867463390487
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:JI4avfWX94O6L4x4ME454N4ohvM4T4Pia4T4I4t54U:JI4KvG
                                                                                                                                                                                                                                                                                                                                                                MD5:98875950B62B398FFE70C0A8D0998017
                                                                                                                                                                                                                                                                                                                                                                SHA1:CFCFFF938402E53D341FE392E25D2E6C557E548F
                                                                                                                                                                                                                                                                                                                                                                SHA-256:1B445C7E12712026D4E663426527CE58FD221D2E26545AEA699E67D60F16E7F0
                                                                                                                                                                                                                                                                                                                                                                SHA-512:728FF6FF915A45B44D720F41F9545F41F1BF5FB218D58073BD27DB19145D2225488988BE80FB0F712922D7B661E1A64448E3F71F09A1480B6F20BD2480888ABF
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{7a5650ac-9a89-4807-a040-9f0832bf39a9}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                                MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                                SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                                SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                                SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                                                Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                                • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                                MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                                SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                                SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                                SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                                                Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                                • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                                MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                                SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                                SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                                MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                                SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                                SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                                SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.07332220847014906
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zkiEK:DLhesh7Owd4+ji
                                                                                                                                                                                                                                                                                                                                                                MD5:961036DD602A7C2E8C0733B34F17CC5B
                                                                                                                                                                                                                                                                                                                                                                SHA1:1C50B06FF6EEFACF62D445D64EC6D440026BE33C
                                                                                                                                                                                                                                                                                                                                                                SHA-256:9D58610CA4126D4B69F336274F2A0C1DB550CE6477B808F2C00ADA2DF572C379
                                                                                                                                                                                                                                                                                                                                                                SHA-512:FD92EA77550588E82AB7520BF34601EB394951591CE1A368B4C0C040A3283BB6E0E3C213D057D03F070D1F1D700E54C84DBB5DBB83818420164E52D5417E8534
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.039545238451853294
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:GHlhViN1HQUJEdlhViN1HQUJ5ol8a9//Ylll4llqlyllel4lt:G7ViNdBJEhViNdBJSL9XIwlio
                                                                                                                                                                                                                                                                                                                                                                MD5:715279F90B80ED403C6D972CB50A3C72
                                                                                                                                                                                                                                                                                                                                                                SHA1:2148051915BE20B81590F5413E248336B4E9F468
                                                                                                                                                                                                                                                                                                                                                                SHA-256:D9EE83A659F9888DB6899C2A2A7D40E0C9AFC6BA3D62AA787E6913FD74B0DAD3
                                                                                                                                                                                                                                                                                                                                                                SHA-512:DA1EC31BA1F58E0ACE0259F5F3487F14B9738A84F31F0840A967537C2B897A80EEDF93341AF4166378FA53E8FEEEEF0C6A5324962D519968DCCE03727D9A8DA5
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:..-........................9...'..gx....&.........-........................9...'..gx....&...............................................................'...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):163992
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.13384338688907435
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:KNYA7fkelqLxsZ+T/2zxsMlCXsMzqCFZ7pCF6C5WUCuSCCQE/HaaKCc7RCGOxsaH:4MNQC2VJCXs4qLWeJa1VyAAZk
                                                                                                                                                                                                                                                                                                                                                                MD5:566FBA16ED7776D5B8F3E64D6843FE73
                                                                                                                                                                                                                                                                                                                                                                SHA1:2107DD35CCAA7B6A74F9C70CBA39BC8FCAAEBDD4
                                                                                                                                                                                                                                                                                                                                                                SHA-256:46D4F713FC108F3C3C857D7493C05CA135F2C90A7582742350C34B892043AC8B
                                                                                                                                                                                                                                                                                                                                                                SHA-512:AD1E5E586835DADC99D2A84A3675E2EE57B93EA951BD9BAAC3436F1EA9CDD39B8067BCD6E6AB9C720061D0EE01196506569FB7329BE27F074DEAB8935931C83A
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:7....-............gx....N...G.B..........gx....IT.m..q.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.478504925368752
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:FnPOeRnLYbBp6TJ0aX+b6SEXKC6Njv5RHWNBw8svSl:RDemJUOT2vHEwp0
                                                                                                                                                                                                                                                                                                                                                                MD5:EB8B78694E9A220AF3A372EEE485D38D
                                                                                                                                                                                                                                                                                                                                                                SHA1:17D2EF48C49273DBBCCB65FA8C4217849BDFF61C
                                                                                                                                                                                                                                                                                                                                                                SHA-256:2F5312DE60D149DF9818344F41D86EE7F93389E787AF3CAFC493D8CE9AA19D01
                                                                                                                                                                                                                                                                                                                                                                SHA-512:BFF4FAF707029D7F005A4830E21CD0ED87CB15056FAE146158E3708D2AA807CEF6778507289248CCD4ECAA2957F10F9BE41F423561E9FE335C6B1025D45F9CC7
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739400754);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739400754);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739400754);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173940

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.478504925368752
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:FnPOeRnLYbBp6TJ0aX+b6SEXKC6Njv5RHWNBw8svSl:RDemJUOT2vHEwp0
                                                                                                                                                                                                                                                                                                                                                                MD5:EB8B78694E9A220AF3A372EEE485D38D
                                                                                                                                                                                                                                                                                                                                                                SHA1:17D2EF48C49273DBBCCB65FA8C4217849BDFF61C
                                                                                                                                                                                                                                                                                                                                                                SHA-256:2F5312DE60D149DF9818344F41D86EE7F93389E787AF3CAFC493D8CE9AA19D01
                                                                                                                                                                                                                                                                                                                                                                SHA-512:BFF4FAF707029D7F005A4830E21CD0ED87CB15056FAE146158E3708D2AA807CEF6778507289248CCD4ECAA2957F10F9BE41F423561E9FE335C6B1025D45F9CC7
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739400754);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739400754);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739400754);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173940

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                                                MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                                                SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                                                SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                                                SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                                MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                                SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                                SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                                SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                                MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                                SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                                SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                                SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1575
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.372751064716247
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:v+USUGlcAxSsNELXnIr+/pnxQwRcWT5sKmgb0I3eHVpjO+Y1amhu5JJwO2c0TiVv:GUpOxqfnRcoegn3erjxY1mJwc3zBtR
                                                                                                                                                                                                                                                                                                                                                                MD5:BFB56D83D301998A5726920B7C010856
                                                                                                                                                                                                                                                                                                                                                                SHA1:06380AA458BFEBE18ECEB23AA58B5E2C7F6EEAA9
                                                                                                                                                                                                                                                                                                                                                                SHA-256:09B943FF776CF3DB4D3800E1E8758D1525A3CCC3B12AE1C41607D3AE0B9CF227
                                                                                                                                                                                                                                                                                                                                                                SHA-512:33B545F1C172ACD5C2C7D2588801DEA2102F5AF39B82384337E1C386638A9D7E508F0D7E3A3C6946309ABFF136B6946925B5AFEAEDB57216E8750916A0C35A4F
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{170f99f7-886e-45fc-aa4a-2f7e5958b89c}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739400758753,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..A2362...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...33073,"originA...."fir

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1575
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.372751064716247
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:v+USUGlcAxSsNELXnIr+/pnxQwRcWT5sKmgb0I3eHVpjO+Y1amhu5JJwO2c0TiVv:GUpOxqfnRcoegn3erjxY1mJwc3zBtR
                                                                                                                                                                                                                                                                                                                                                                MD5:BFB56D83D301998A5726920B7C010856
                                                                                                                                                                                                                                                                                                                                                                SHA1:06380AA458BFEBE18ECEB23AA58B5E2C7F6EEAA9
                                                                                                                                                                                                                                                                                                                                                                SHA-256:09B943FF776CF3DB4D3800E1E8758D1525A3CCC3B12AE1C41607D3AE0B9CF227
                                                                                                                                                                                                                                                                                                                                                                SHA-512:33B545F1C172ACD5C2C7D2588801DEA2102F5AF39B82384337E1C386638A9D7E508F0D7E3A3C6946309ABFF136B6946925B5AFEAEDB57216E8750916A0C35A4F
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{170f99f7-886e-45fc-aa4a-2f7e5958b89c}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739400758753,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..A2362...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...33073,"originA...."fir

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1575
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.372751064716247
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:v+USUGlcAxSsNELXnIr+/pnxQwRcWT5sKmgb0I3eHVpjO+Y1amhu5JJwO2c0TiVv:GUpOxqfnRcoegn3erjxY1mJwc3zBtR
                                                                                                                                                                                                                                                                                                                                                                MD5:BFB56D83D301998A5726920B7C010856
                                                                                                                                                                                                                                                                                                                                                                SHA1:06380AA458BFEBE18ECEB23AA58B5E2C7F6EEAA9
                                                                                                                                                                                                                                                                                                                                                                SHA-256:09B943FF776CF3DB4D3800E1E8758D1525A3CCC3B12AE1C41607D3AE0B9CF227
                                                                                                                                                                                                                                                                                                                                                                SHA-512:33B545F1C172ACD5C2C7D2588801DEA2102F5AF39B82384337E1C386638A9D7E508F0D7E3A3C6946309ABFF136B6946925B5AFEAEDB57216E8750916A0C35A4F
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":7,"docshellUU...D"{170f99f7-886e-45fc-aa4a-2f7e5958b89c}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":8,"persistK..+}],"lastAccessed":1739400758753,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2150633470....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...98952893-68ff-4a5d-a164-705c709ed3db","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..A2362...centCrash..B0},".....Dcook.. hoc..."addons.mozilla.org","valu...'b03116d8508741e1c0453eca6046028f71c7c2b904be5e0a0d4686...b1764f","pa..p"/","na..a"taarI|.Tecure2..C.Donly..fexpiry...33073,"originA...."fir

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                                                MD5:8B40B1534FF0F4B533AF767EB5639A05
                                                                                                                                                                                                                                                                                                                                                                SHA1:63EDB539EA39AD09D701A36B535C4C087AE08CC9
                                                                                                                                                                                                                                                                                                                                                                SHA-256:AF275A19A5C2C682139266065D90C237282274D11C5619A121B7BDBDB252861B
                                                                                                                                                                                                                                                                                                                                                                SHA-512:54AF707698CED33C206B1B193DA414D630901762E88E37E99885A50D4D5F8DDC28367C9B401DFE251CF0552B4FA446EE28F78A97C9096AFB0F2898BFBB673B53
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.028818370971503
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:ycjMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:2TEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                                                MD5:B02F5304FAEAC6F656A976F0BE342579
                                                                                                                                                                                                                                                                                                                                                                SHA1:85EAA2AF49F0FDDA9F0D3131F642E7BC627F0010
                                                                                                                                                                                                                                                                                                                                                                SHA-256:3A0B7D4C73651CCA2C2302ED8793C92E4F15D8510E99CAF626CAF88B6BACDCF8
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B16C363B056F43F71D3F48EC0F5D058627ACBB68AF50597DD71D42D6D13DB2E201F7E1E4E75B745F64B23FD7925FF03ADF875E58A98A6C3D35DE164BD2E4CD2B
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-12T22:52:20.939Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.028818370971503
                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:ycjMTEr5/lLmI2Ac1zzcxvbw6Kkgrc2Rn27:2TEr5NX0z3DhRe
                                                                                                                                                                                                                                                                                                                                                                MD5:B02F5304FAEAC6F656A976F0BE342579
                                                                                                                                                                                                                                                                                                                                                                SHA1:85EAA2AF49F0FDDA9F0D3131F642E7BC627F0010
                                                                                                                                                                                                                                                                                                                                                                SHA-256:3A0B7D4C73651CCA2C2302ED8793C92E4F15D8510E99CAF626CAF88B6BACDCF8
                                                                                                                                                                                                                                                                                                                                                                SHA-512:B16C363B056F43F71D3F48EC0F5D058627ACBB68AF50597DD71D42D6D13DB2E201F7E1E4E75B745F64B23FD7925FF03ADF875E58A98A6C3D35DE164BD2E4CD2B
                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-12T22:52:20.939Z","profileAgeCreated":1696426830133,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                                Static File Info

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.699119220384099
                                                                                                                                                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                                File name:random.exe
                                                                                                                                                                                                                                                                                                                                                                File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5:49c6332d7ddfaec6d999414f35ed665d
                                                                                                                                                                                                                                                                                                                                                                SHA1:8db9314dd518f0211b111f719fc5bff871c5fb06
                                                                                                                                                                                                                                                                                                                                                                SHA256:2058cec90818bcd50676b4d1777891ed1e3b0fff94762289ad4a312aaecfcd2e
                                                                                                                                                                                                                                                                                                                                                                SHA512:bf1d170b2bfabfafb0ac5af90057c4c9b0a7ab8c3c75abdd0c1cc24d8d8539ad296acd0c89d3b804554773e57ea86c0a554114d5e0a8a5c518959aaec855c407
                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24576:+qDEvCTbMWu7rQYlBQcBiT6rprG8aKXZ:+TvC/MTQYxsWR7aKX
                                                                                                                                                                                                                                                                                                                                                                TLSH:79259E0273D1D062FFAB92334B5AF6115BBC69260123E62F13981D79BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                                                File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                                                File Icon

                                                                                                                                                                                                                                                                                                                                                                Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                                                Static PE Info

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                                Digitally signed:false
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                                Time Stamp:0x67ACF93E [Wed Feb 12 19:40:46 2025 UTC]
                                                                                                                                                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                                OS Version Major:5
                                                                                                                                                                                                                                                                                                                                                                OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                File Version Major:5
                                                                                                                                                                                                                                                                                                                                                                File Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                                                Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B26DB3h
                                                                                                                                                                                                                                                                                                                                                                jmp 00007FAA64B266BFh
                                                                                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                                                                                push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B2689Dh
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                                mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                pop esi
                                                                                                                                                                                                                                                                                                                                                                pop ebp
                                                                                                                                                                                                                                                                                                                                                                retn 0004h
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                                                                                push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B2686Ah
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                                mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                pop esi
                                                                                                                                                                                                                                                                                                                                                                pop ebp
                                                                                                                                                                                                                                                                                                                                                                retn 0004h
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                                                                                mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                                                and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                add eax, 04h
                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B2945Dh
                                                                                                                                                                                                                                                                                                                                                                pop ecx
                                                                                                                                                                                                                                                                                                                                                                pop ecx
                                                                                                                                                                                                                                                                                                                                                                mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                pop esi
                                                                                                                                                                                                                                                                                                                                                                pop ebp
                                                                                                                                                                                                                                                                                                                                                                retn 0004h
                                                                                                                                                                                                                                                                                                                                                                lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B294A8h
                                                                                                                                                                                                                                                                                                                                                                pop ecx
                                                                                                                                                                                                                                                                                                                                                                ret
                                                                                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                                                                                mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                call 00007FAA64B29491h
                                                                                                                                                                                                                                                                                                                                                                test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                                                pop ecx

                                                                                                                                                                                                                                                                                                                                                                Rich Headers

                                                                                                                                                                                                                                                                                                                                                                Programming Language:
                                                                                                                                                                                                                                                                                                                                                                • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                                                • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                                                Data Directories

                                                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x15d94.rsrc
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0xea0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                                Sections

                                                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                                .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                                .rsrc0xd40000x15d940x15e009f79c6af6d1329cd7c2a5331975db79fFalse0.6980803571428571data7.151240849649361IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                .reloc0xea0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                                Resources

                                                                                                                                                                                                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                                                RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                                                RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                                                RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                                                RT_RCDATA0xdc8fc0xcf16data1.0004904364884748
                                                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xe98140x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xe988c0x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xe98a00x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0xe98b40x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                                RT_VERSION0xe98c80xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                                                RT_MANIFEST0xe99a40x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                                                Imports

                                                                                                                                                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                                                                                                                                                WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                                                VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                                                WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                                                COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                                                MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                                                WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                                                PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                                                IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                                                USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                                                UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                                                KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                                                USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                                                GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                                                COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                                                ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                                                SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                                                ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                                                OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                                                Version Infos

                                                                                                                                                                                                                                                                                                                                                                DescriptionData
                                                                                                                                                                                                                                                                                                                                                                Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                                                Possible Origin

                                                                                                                                                                                                                                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                                                EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                                                Network Behavior

                                                                                                                                                                                                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                                TCP Packets

                                                                                                                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.272809029 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.272860050 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.281477928 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.286127090 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.286160946 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.748738050 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.748754025 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.754966974 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.762260914 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.762269974 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.762414932 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.762449980 CET4434971035.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.762577057 CET49710443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359743118 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359769106 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.360240936 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.361677885 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.361694098 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.388780117 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.388890028 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.393894911 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.398354053 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.398432016 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.409152985 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.414016962 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.414896965 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.414896965 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.419888020 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.736018896 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.736073971 CET4434971434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.736449957 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.737909079 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.737926006 CET4434971434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836962938 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836991072 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.837385893 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839045048 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839063883 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839270115 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839289904 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839570045 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839742899 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.839756012 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.868638039 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.924232960 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.996903896 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.997627974 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.998501062 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.998518944 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.061033010 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.061218977 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.062277079 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.062577009 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.062724113 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.262365103 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.262403011 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.262650013 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.262845039 CET44349711142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.262929916 CET49711443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265125036 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265204906 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265244007 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265527964 CET44349712142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265621901 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.265654087 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.266458035 CET49712443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.266477108 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.267920017 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.267931938 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476593971 CET4434971434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476696014 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481201887 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481259108 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481712103 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481739044 CET4434971434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481848955 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482036114 CET4434971434.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482191086 CET4972080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482254028 CET49714443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482265949 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482410908 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482460022 CET4434972134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482497931 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482511044 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.482570887 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.483860016 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.483891010 CET4434972134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.489130020 CET804972034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.490340948 CET4972080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.490480900 CET4972080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.495446920 CET804972034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.571449995 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.571532965 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.574527025 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.574532986 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.574939966 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.577157021 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.577254057 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.577306986 CET4434971735.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.577419043 CET49717443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.637969971 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.643076897 CET804971334.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.647543907 CET4971380192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.650099039 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.656126022 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.659341097 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.659492970 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.664310932 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.686870098 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.688826084 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693285942 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693299055 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693392992 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693589926 CET4434971634.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693825006 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693872929 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.693923950 CET49716443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.694016933 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.695841074 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.695852995 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.070446014 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.070784092 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.071157932 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.071316957 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.075720072 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.075736046 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.075820923 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.075898886 CET44349718142.250.185.110192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.075982094 CET49718443192.168.2.5142.250.185.110
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.113128901 CET804972034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.113398075 CET4972080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.118383884 CET804972034.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.118472099 CET4972080192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.118829012 CET4434972134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.119024992 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.119858027 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.120206118 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.123636961 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.123656988 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.124034882 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126318932 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126337051 CET4434972134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126394033 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126468897 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126516104 CET4434972134.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126566887 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126672029 CET4434971934.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126914024 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126941919 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.126981020 CET49721443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.127000093 CET49719443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.127067089 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.127204895 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.127208948 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.403590918 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.407120943 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.407197952 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.445894003 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.621018887 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.627345085 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.630918026 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.104876995 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.104909897 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.105885029 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.110964060 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.110994101 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.111047983 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.111138105 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.111192942 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.111325979 CET4434972334.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.111643076 CET4434972434.160.144.191192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.115004063 CET49723443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.115005970 CET49724443192.168.2.534.160.144.191
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.358946085 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.359553099 CET4972680192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.363951921 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.364370108 CET804972634.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.368674040 CET4972680192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.368793011 CET4972680192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.373581886 CET804972634.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.514045000 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.514055967 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.523267031 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.524832010 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.524847031 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.616848946 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.657040119 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.846220970 CET4972680192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.891514063 CET804972634.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.012379885 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.019838095 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.027060986 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.027193069 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.034136057 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.103693008 CET804972634.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.106220961 CET4972680192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.548285007 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.548300982 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.548374891 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.552378893 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.552392006 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.552472115 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.552612066 CET4434972734.117.188.166192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.552732944 CET49727443192.168.2.534.117.188.166
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.769440889 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.813602924 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585802078 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585843086 CET4434973052.35.181.117192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.586030006 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.587677956 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.587693930 CET4434973052.35.181.117192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.637954950 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.642807007 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.736957073 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.802820921 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.200129986 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.200177908 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.204125881 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.204616070 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.204636097 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.231462002 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.236306906 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.241061926 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.241107941 CET4434973534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.245695114 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.247198105 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.247215986 CET4434973534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.326873064 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.371745110 CET4434973052.35.181.117192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.373279095 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.376921892 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.376941919 CET4434973052.35.181.117192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.377021074 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.377221107 CET4434973052.35.181.117192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.377507925 CET49730443192.168.2.552.35.181.117
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.383878946 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.450552940 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.450601101 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.460092068 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.461776018 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.461792946 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.475562096 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.475596905 CET4434973734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.475703955 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.477433920 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.477444887 CET4434973734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.544256926 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.549320936 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.643807888 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.688025951 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.696018934 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.696069002 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.698864937 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.698873043 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.699155092 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.701598883 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.701761961 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.701765060 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.701773882 CET4434973435.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.708973885 CET4434973534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.709795952 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.709830999 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.709830999 CET49734443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.711097956 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.714534998 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.714545965 CET4434973534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.714624882 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.714766979 CET4434973534.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.714972973 CET49735443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.959135056 CET4434973734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.959264040 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.963929892 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.963948011 CET4434973734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.964021921 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.964103937 CET4434973734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.967690945 CET49737443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.977397919 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.977423906 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.984405041 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.988329887 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.988337040 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.988528013 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.988668919 CET4434973634.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.988728046 CET49736443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.442145109 CET5405853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.449671030 CET53540581.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.449781895 CET5405853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.457423925 CET53540581.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.955532074 CET5405853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.961028099 CET53540581.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.961116076 CET5405853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.407943010 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.412878990 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.503206968 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.555850983 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.626487970 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.631324053 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.679769993 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.679801941 CET4435407834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.680043936 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.681473017 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.681485891 CET4435407834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.741803885 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.792371035 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.377043962 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.381994963 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.392790079 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.392863035 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393541098 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393579960 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393779039 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393779993 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393881083 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.393898964 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.394177914 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.394190073 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.486063004 CET4435407834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.486166954 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.490787983 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.490802050 CET4435407834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.490914106 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.490998030 CET4435407834.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.491060972 CET54078443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.649660110 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.654679060 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.703695059 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.716223001 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.716280937 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.725238085 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.726592064 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.726615906 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.759372950 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.001131058 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.044584990 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.280939102 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.285758018 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.312756062 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.312834024 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.319844961 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.319912910 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.392955065 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.439704895 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.444328070 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.444344044 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.444397926 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.354959965 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.354995966 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.355367899 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.357978106 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.358014107 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.358900070 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.363871098 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.364084959 CET4435408234.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.364125013 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.364526987 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.364739895 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.364998102 CET4435408334.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.366264105 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.366344929 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.366379023 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.366554976 CET4435408434.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.367185116 CET54082443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.367206097 CET54083443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.367228031 CET54084443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.851610899 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.856522083 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.952935934 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.003546953 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.076174974 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.081309080 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.171936989 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.219757080 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.576217890 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.576270103 CET4435411034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.576556921 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.577912092 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.577924967 CET4435411034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.061813116 CET4435411034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.061899900 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.751003027 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.751029968 CET4435411034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.751092911 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.751296043 CET4435411034.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:57.751532078 CET54110443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.103810072 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.108846903 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.202758074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.206315994 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.211560011 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.244143009 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.301981926 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.344420910 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.193015099 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.193057060 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.195727110 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.195727110 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.195775032 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.206278086 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.206322908 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.206523895 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.206705093 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.206721067 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209352970 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209386110 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209536076 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209659100 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209671974 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.650928974 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.651012897 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.654100895 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.654115915 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.654416084 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.660182953 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.660182953 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.660388947 CET4435416235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.663677931 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.663677931 CET54162443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.676726103 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.680475950 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.680558920 CET4435416935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.681739092 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.681886911 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.683298111 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.683330059 CET4435416935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.684647083 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.684737921 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.687370062 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.687380075 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.687664986 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.688941956 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.689424992 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.689505100 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.689599991 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.695338964 CET4435416334.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.695348024 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.700886011 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.700908899 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.700937986 CET54163443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.701181889 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.704104900 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.704112053 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.704408884 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.705343962 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.706279039 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.706309080 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.706955910 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.708338022 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.708349943 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.709435940 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.709501028 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.709619045 CET44354164151.101.65.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.709781885 CET54164443192.168.2.5151.101.65.91
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.726424932 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.726500988 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727119923 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727170944 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727376938 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727428913 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727730989 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727818012 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727854967 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727885008 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.727900028 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.728066921 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.728076935 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.728121996 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.728136063 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.787203074 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.791939974 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.796731949 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.836766005 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.887111902 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.937063932 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.160032034 CET4435416935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.160111904 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.164465904 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.164470911 CET4435416935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.164572954 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.164652109 CET4435416935.190.72.216192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.165266037 CET54169443192.168.2.535.190.72.216
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.167604923 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.172462940 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.186501026 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.186676025 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.187406063 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.187748909 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.189402103 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.189434052 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.189709902 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.191761017 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.191768885 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.192212105 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.194710016 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.194801092 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.194874048 CET4435417335.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.195056915 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.195070982 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.195202112 CET54173443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.195305109 CET4435417235.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.195975065 CET54172443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.197879076 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.197951078 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.201426983 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.202270985 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204464912 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204472065 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204530954 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204543114 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204705000 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204734087 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204837084 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.204844952 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.207786083 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.207854033 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.208038092 CET4435417135.244.181.201192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.214498043 CET54171443192.168.2.535.244.181.201
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.219261885 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.219295979 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.219448090 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.219556093 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.219573975 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.223062992 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.228008986 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.228746891 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.228746891 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.233577967 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.266982079 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.269695044 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.274509907 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.306978941 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.364823103 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.407267094 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.411375999 CET4435417034.49.51.44192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.411483049 CET54170443192.168.2.534.49.51.44
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.684555054 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.684669018 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.687836885 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.687846899 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.688076973 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.690263987 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.690351963 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.690412045 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.695328951 CET4435417734.149.100.209192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.696491003 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.700227976 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.700254917 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.700426102 CET54177443192.168.2.534.149.100.209
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.701405048 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.794687033 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.797815084 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.803137064 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.839761019 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863368988 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863430977 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863466024 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863518953 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864625931 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864656925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864696026 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864722013 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864754915 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864825010 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867491961 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867511034 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867526054 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867578983 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867578983 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.870140076 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.870265007 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.870300055 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.870321035 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.873051882 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.873086929 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.873121023 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.873225927 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.893630028 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.936290026 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954029083 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954090118 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954129934 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954166889 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954205036 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954241037 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954282045 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.954408884 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955246925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955285072 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955379009 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955419064 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955460072 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955496073 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955534935 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955651045 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.955651045 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958249092 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958295107 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958332062 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958369017 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958404064 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958440065 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958446026 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.958520889 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960760117 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960778952 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960796118 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960978985 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960987091 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.960989952 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.961002111 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.961035967 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.961067915 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963651896 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963663101 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963674068 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963686943 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963691950 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963824987 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.963872910 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.964068890 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.964078903 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.964250088 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044502974 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044557095 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044593096 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044626951 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044678926 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044715881 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044848919 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044951916 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044970036 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044984102 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.044998884 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045023918 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045129061 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045733929 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045764923 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045790911 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045799971 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045836926 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045870066 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.045908928 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046081066 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046120882 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046133995 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046169043 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046202898 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046473026 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046506882 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046542883 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046567917 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046576023 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.046684980 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.047085047 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.047113895 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.047172070 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.048890114 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.048926115 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049026012 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049053907 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049060106 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049096107 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049129963 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049168110 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049348116 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049382925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049418926 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049433947 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049469948 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.049510956 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051389933 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051443100 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051505089 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051525116 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051577091 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051611900 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051635981 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051645041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051686049 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051697969 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051750898 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051773071 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.051855087 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.053924084 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.053957939 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054260969 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054295063 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054332018 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054368019 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054476023 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054510117 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054543018 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.054956913 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.055000067 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.055927992 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.066760063 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.098057985 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.098098040 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.098133087 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.098140955 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.098370075 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135106087 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135123968 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135133982 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135186911 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135199070 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135210991 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135234118 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135263920 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135274887 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135288000 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135298967 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135309935 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135349989 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135361910 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135371923 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135416985 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.135611057 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136396885 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136404037 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136409998 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136415958 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136456966 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136482000 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136523962 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136538982 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136549950 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136715889 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136727095 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136739016 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136763096 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136778116 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136792898 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136802912 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136812925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136825085 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136867046 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.136883974 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.137106895 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139405012 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139461994 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139475107 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139487028 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139523983 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139535904 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139548063 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139556885 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139710903 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139722109 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139734983 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.139745951 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140016079 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140028000 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140039921 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140050888 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140062094 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140391111 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140393972 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140410900 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140423059 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140434027 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140458107 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.140497923 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.141959906 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.141972065 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.141983032 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142026901 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142039061 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142067909 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142146111 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142335892 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142348051 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142359018 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142369986 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142379999 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142391920 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142420053 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142431021 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142450094 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142456055 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142499924 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.142507076 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.143105030 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.143115997 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.143126965 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144078970 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144351006 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144835949 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144846916 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144867897 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144874096 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144880056 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144892931 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.144898891 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145015001 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145136118 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145196915 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145207882 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145342112 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145354033 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145365000 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145375967 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145709991 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145715952 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145720005 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145736933 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145747900 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145759106 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145787954 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.145812988 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188620090 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188631058 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188684940 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188709021 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188719988 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188755989 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188800097 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188833952 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.188884974 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226438999 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226515055 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226521969 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226548910 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226583958 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226610899 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226653099 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226686954 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226737976 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226773024 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226805925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226840019 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226888895 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226907969 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226939917 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.226975918 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227026939 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227060080 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227086067 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227093935 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227114916 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227128983 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227164984 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227180004 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227200985 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227236032 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227269888 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227304935 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227319002 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227410078 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227426052 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227462053 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227510929 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227514029 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227549076 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227596998 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227622986 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227631092 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227664948 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227699041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227731943 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227732897 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227756023 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227767944 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227801085 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227812052 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227837086 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227871895 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227909088 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227924109 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227945089 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.227979898 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228004932 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228004932 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228013992 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228049040 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228084087 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228094101 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228118896 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228157997 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228192091 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228225946 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228260040 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228337049 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228435993 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228471041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228504896 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228538990 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228545904 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228574038 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228607893 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228641987 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228650093 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.228729963 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230006933 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230063915 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230096102 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230132103 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230137110 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230182886 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230235100 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230267048 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230277061 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230315924 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230365992 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230402946 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230432987 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230467081 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230519056 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230529070 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230551004 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230608940 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230643988 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230710983 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.230710983 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232590914 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232621908 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232671976 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232707024 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232739925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232789040 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232814074 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232841015 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232892990 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232894897 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232928991 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232961893 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232966900 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.232992887 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233048916 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233061075 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233083963 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233118057 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233150005 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233153105 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233200073 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233211040 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233234882 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233287096 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233321905 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233372927 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233407021 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233442068 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233474970 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233489990 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233489990 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233508110 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.233552933 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235599041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235651016 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235685110 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235718012 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235769987 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235795021 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235835075 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235869884 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235915899 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235949993 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235961914 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.235966921 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236013889 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236047029 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236051083 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236083031 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236115932 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236135006 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236151934 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236180067 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.236255884 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279232979 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279275894 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279330969 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279386997 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279414892 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279419899 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279455900 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279489994 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279525042 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.279630899 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316560030 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316633940 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316745996 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316795111 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316798925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316834927 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316907883 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316911936 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316962004 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.316966057 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317001104 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317034960 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317064047 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317090988 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317141056 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317174911 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317176104 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317209959 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317250013 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317257881 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317267895 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317315102 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317320108 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317354918 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317389965 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317420006 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317444086 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317477942 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317512035 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317536116 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317536116 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317547083 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317585945 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317598104 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317631006 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317655087 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317682981 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317724943 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317734003 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317770004 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317785978 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317816019 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317867041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317882061 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317919016 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317970991 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.317981958 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318031073 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318041086 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318067074 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318100929 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318135977 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318162918 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318171024 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318205118 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318239927 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318238974 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318274975 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318274975 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318326950 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318361998 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318392992 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318397045 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318430901 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318464994 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318496943 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318496943 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318500042 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318533897 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318567991 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318583012 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318603039 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318639994 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318658113 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318708897 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318743944 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318761110 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318778038 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318815947 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318847895 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318849087 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318881989 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318897963 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318932056 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.318964958 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.319004059 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.319119930 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.320885897 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.320941925 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.320977926 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321027994 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321038008 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321063042 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321105957 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321115017 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321147919 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321192026 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321201086 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321238041 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321238041 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321238041 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321273088 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321309090 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321310043 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321341038 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321376085 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321415901 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.321631908 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323175907 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323270082 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323302031 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323373079 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323395967 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323438883 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323472977 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323473930 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323507071 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323535919 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323564053 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323590994 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323592901 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323647022 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323676109 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323709011 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323709965 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323770046 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323777914 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323797941 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323813915 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323848009 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323899031 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323924065 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323935032 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323971033 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.323985100 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324018955 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324054956 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324089050 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324124098 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324160099 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.324294090 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326137066 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326188087 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326240063 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326275110 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326313019 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326320887 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326344013 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326375961 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326395035 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326446056 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326493025 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326527119 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326560974 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326594114 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326628923 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326647997 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326647997 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326663971 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.326791048 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.879779100 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.879822016 CET4435419134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.879951954 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.881431103 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.881449938 CET4435419134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.343547106 CET4435419134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.344217062 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.347840071 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.347852945 CET4435419134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.347944021 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.348217010 CET4435419134.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.349705935 CET54191443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.351660013 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.356534958 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.451359987 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.456640005 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.461503983 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.513397932 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.551512003 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.591510057 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.509049892 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.513936043 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.607745886 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.611602068 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.616478920 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.662369967 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.707130909 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.762672901 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:17.339050055 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:17.343844891 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.616559029 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.625085115 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.716830015 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.721831083 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:27.355354071 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:27.360224009 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.369337082 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.369385004 CET4435432334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.369716883 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.371148109 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.371164083 CET4435432334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.873917103 CET4435432334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.874120951 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.879367113 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.879396915 CET4435432334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.879489899 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.879544973 CET4435432334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.879713058 CET54323443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.882033110 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.886842966 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.987643003 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.990797043 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.995686054 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:29.029185057 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:29.087587118 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:29.144680023 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.318326950 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.318367958 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.318682909 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.318813086 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.318823099 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.331017017 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.331072092 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.332319975 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.332463026 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.332480907 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.782325029 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.782491922 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.786099911 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.786112070 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.786401033 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.788932085 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.789055109 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.789186954 CET4435432934.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.789256096 CET54329443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.806123972 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.810475111 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.814263105 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.814273119 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.814532995 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.822415113 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.822415113 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.822608948 CET4435433034.120.208.123192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.822928905 CET54330443192.168.2.534.120.208.123
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.831706047 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.836592913 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.930212021 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.933475971 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.938348055 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.980777979 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:36.028903008 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:36.081119061 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:37.374123096 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:37.378931999 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:45.950413942 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:45.958756924 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:46.050740957 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:46.057950020 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:47.386122942 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:47.391582966 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:55.978846073 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:55.983616114 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:56.079143047 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:56.084038973 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:57.398783922 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:57.403568983 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:05.986037016 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:05.991007090 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:06.086355925 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:06.091540098 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:07.412535906 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:07.417424917 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.177364111 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.177398920 CET4435433234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.177556992 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.179184914 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.179202080 CET4435433234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.695347071 CET4435433234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.695485115 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.701581001 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.701594114 CET4435433234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.701674938 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.701807976 CET4435433234.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.702531099 CET54332443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.704560041 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.709439039 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.802890062 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.815839052 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.820632935 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.865016937 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.911612034 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.965281963 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:17.439773083 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:17.450622082 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.824846983 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.829916954 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.925086975 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.929955959 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:27.469439030 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:27.474540949 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.838531971 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.843343973 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.938877106 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.945280075 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:37.476241112 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:37.481156111 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.851947069 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.856903076 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.952128887 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.957403898 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:47.489561081 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:47.494554043 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.865135908 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.872035027 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.965338945 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.970227957 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:57.502688885 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:57.509218931 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.877862930 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.882855892 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.978224993 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.983537912 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:02.770236015 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:02.775423050 CET80541782.22.61.59192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:02.775623083 CET5417880192.168.2.52.22.61.59
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.890831947 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.895817041 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.991085052 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.995959997 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:19.917618990 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:19.922884941 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:20.017956972 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:20.022778988 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.923542023 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.946609020 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.967427015 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.967462063 CET4435433334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.967536926 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.969225883 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.969238997 CET4435433334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.023788929 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.029001951 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.449709892 CET4435433334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.449865103 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.456267118 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.456314087 CET4435433334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.456381083 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.456557035 CET4435433334.107.243.93192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.457287073 CET54333443192.168.2.534.107.243.93
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.459357023 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.464229107 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.557986975 CET804972234.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.561669111 CET4972880192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.566795111 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.609508991 CET4972280192.168.2.534.107.221.82
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.657083035 CET804972834.107.221.82192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.709775925 CET4972880192.168.2.534.107.221.82

                                                                                                                                                                                                                                                                                                                                                                UDP Packets

                                                                                                                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.273524046 CET6269253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.282191992 CET53626921.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.295408010 CET6084053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.303813934 CET53608401.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.347214937 CET6357353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.352969885 CET6283453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.354454994 CET53635731.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359723091 CET53628341.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.360037088 CET5521053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.363527060 CET6057853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.367327929 CET53552101.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.367854118 CET5064353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.370757103 CET53605781.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.371819973 CET6041653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.374649048 CET53506431.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.379347086 CET53604161.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.728075027 CET6225053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.735012054 CET53622501.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.736387968 CET6010753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.744601965 CET53601071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.745191097 CET5618053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.752156019 CET53561801.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.829099894 CET5988053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836007118 CET53598801.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.837300062 CET5809453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.840523005 CET5624453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.845001936 CET53580941.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.845674038 CET5260753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.850415945 CET53562441.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.850950003 CET6421453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.852941990 CET53526071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.858488083 CET53642141.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.272892952 CET5828153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.273319006 CET6339153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.279758930 CET53582811.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.280966043 CET53633911.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.468425989 CET6367553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.470506907 CET6539753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476922989 CET53636751.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.478974104 CET53653971.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481451988 CET5323253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.490592957 CET53532321.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.491204023 CET4990953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.498058081 CET53499091.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.570017099 CET5624353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.577388048 CET53562431.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.578459024 CET6444753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585721016 CET53644471.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.586242914 CET6524353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.587852955 CET5296953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.595088005 CET53529691.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.596107960 CET6070753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.603178978 CET53652431.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.603461981 CET53607071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.617662907 CET6061153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.625386000 CET53606111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.162220001 CET5309653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.170516968 CET53530961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.190606117 CET5001553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.197444916 CET53500151.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.200642109 CET6135953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.205701113 CET5501153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.207787991 CET53613591.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.212507963 CET53550111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.241695881 CET5773753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.249080896 CET53577371.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.260569096 CET5164153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.267960072 CET53516411.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.449852943 CET6160653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.456878901 CET53616061.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.476767063 CET6250053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.483623028 CET53625001.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.489413023 CET5754753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.496871948 CET53575471.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:48.441607952 CET53521591.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.628005981 CET6183153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.634917974 CET53618311.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843020916 CET6198653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843457937 CET4943753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843749046 CET6393353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET53619861.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850672007 CET53494371.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850866079 CET53639331.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850934982 CET6260753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857688904 CET5745553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857738972 CET6131153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET53626071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.858828068 CET6146253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.864888906 CET53574551.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.864950895 CET53613111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865392923 CET5902853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865601063 CET6195253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865678072 CET53614621.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.866386890 CET5854353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872210026 CET53590281.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872539997 CET53619521.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET53585431.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.873009920 CET5221153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.880069971 CET53522111.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.889811993 CET6283053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.889904976 CET5617553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896682978 CET53561751.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896878004 CET53628301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.897208929 CET5971653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.897407055 CET5169953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.904040098 CET53597161.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.904530048 CET53516991.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.576441050 CET5153053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.583785057 CET53515301.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.194099903 CET4931053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.200925112 CET53493101.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.201385975 CET5260753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.208308935 CET53526071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209461927 CET5359053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.216314077 CET53535901.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.217091084 CET5711453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.225033045 CET53571141.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.686234951 CET5868353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.695905924 CET53586831.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.706942081 CET5604653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.714262962 CET53560461.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.715305090 CET5274253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.722934008 CET53527421.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.788898945 CET5461253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.795789003 CET53546121.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.223632097 CET6553353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.232944012 CET53655331.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.233555079 CET5244053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.242445946 CET53524401.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.880235910 CET6001353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.887518883 CET53600131.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.361521959 CET6313753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.368376970 CET53631371.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.369076014 CET5853453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.375961065 CET53585341.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.334954977 CET6229253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.342226028 CET53622921.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.832295895 CET5643353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.839350939 CET53564331.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.166635036 CET5228553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.176115990 CET53522851.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.177284002 CET5896353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.186517954 CET53589631.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.704682112 CET5875153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.711730957 CET53587511.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.950867891 CET5322453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.957928896 CET53532241.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.959188938 CET6315153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.966145039 CET53631511.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.966701984 CET6191953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.973462105 CET53619191.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.459670067 CET5124253192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.466382027 CET53512421.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.467577934 CET6114553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.474725008 CET53611451.1.1.1192.168.2.5

                                                                                                                                                                                                                                                                                                                                                                DNS Queries

                                                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.273524046 CET192.168.2.51.1.1.10x8a2fStandard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.295408010 CET192.168.2.51.1.1.10xbd7dStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.347214937 CET192.168.2.51.1.1.10xd52Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.352969885 CET192.168.2.51.1.1.10xffa8Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.360037088 CET192.168.2.51.1.1.10x2306Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.363527060 CET192.168.2.51.1.1.10xee39Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.367854118 CET192.168.2.51.1.1.10x7d92Standard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.371819973 CET192.168.2.51.1.1.10x4e45Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.728075027 CET192.168.2.51.1.1.10x43b3Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.736387968 CET192.168.2.51.1.1.10xc4a6Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.745191097 CET192.168.2.51.1.1.10xa604Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.829099894 CET192.168.2.51.1.1.10x5ca5Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.837300062 CET192.168.2.51.1.1.10x5a9Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.840523005 CET192.168.2.51.1.1.10x41ecStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.845674038 CET192.168.2.51.1.1.10x9190Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.850950003 CET192.168.2.51.1.1.10xfacbStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.272892952 CET192.168.2.51.1.1.10x21b0Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.273319006 CET192.168.2.51.1.1.10xb174Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.468425989 CET192.168.2.51.1.1.10xc8b8Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.470506907 CET192.168.2.51.1.1.10xb5f2Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.481451988 CET192.168.2.51.1.1.10x8cb4Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.491204023 CET192.168.2.51.1.1.10xaaeaStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.570017099 CET192.168.2.51.1.1.10xc4deStandard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.578459024 CET192.168.2.51.1.1.10xe82aStandard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.586242914 CET192.168.2.51.1.1.10x107dStandard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.587852955 CET192.168.2.51.1.1.10xe542Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.596107960 CET192.168.2.51.1.1.10x1de7Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.617662907 CET192.168.2.51.1.1.10x2abeStandard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.162220001 CET192.168.2.51.1.1.10x76a4Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.190606117 CET192.168.2.51.1.1.10x5e87Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.200642109 CET192.168.2.51.1.1.10x78f4Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.205701113 CET192.168.2.51.1.1.10x1f87Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.241695881 CET192.168.2.51.1.1.10x34e4Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.260569096 CET192.168.2.51.1.1.10xfce9Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.449852943 CET192.168.2.51.1.1.10xcbe7Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.476767063 CET192.168.2.51.1.1.10x54beStandard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.489413023 CET192.168.2.51.1.1.10x4b3fStandard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.628005981 CET192.168.2.51.1.1.10x56a8Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843020916 CET192.168.2.51.1.1.10xea09Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843457937 CET192.168.2.51.1.1.10x828fStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.843749046 CET192.168.2.51.1.1.10xe106Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850934982 CET192.168.2.51.1.1.10x1b54Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857688904 CET192.168.2.51.1.1.10x87c2Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857738972 CET192.168.2.51.1.1.10xc06aStandard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.858828068 CET192.168.2.51.1.1.10x8777Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865392923 CET192.168.2.51.1.1.10x27a0Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865601063 CET192.168.2.51.1.1.10xa399Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.866386890 CET192.168.2.51.1.1.10x7296Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.873009920 CET192.168.2.51.1.1.10x1edcStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.889811993 CET192.168.2.51.1.1.10x1b68Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.889904976 CET192.168.2.51.1.1.10xad19Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.897208929 CET192.168.2.51.1.1.10x6abStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.897407055 CET192.168.2.51.1.1.10xf9b1Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:56.576441050 CET192.168.2.51.1.1.10x38e2Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.194099903 CET192.168.2.51.1.1.10x5dd6Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.201385975 CET192.168.2.51.1.1.10xd3ddStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.209461927 CET192.168.2.51.1.1.10xca98Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.217091084 CET192.168.2.51.1.1.10xd1fbStandard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.686234951 CET192.168.2.51.1.1.10x94dfStandard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.706942081 CET192.168.2.51.1.1.10xb71bStandard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.715305090 CET192.168.2.51.1.1.10x7bc7Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.788898945 CET192.168.2.51.1.1.10x3f5Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.223632097 CET192.168.2.51.1.1.10x6b21Standard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.233555079 CET192.168.2.51.1.1.10xfab9Standard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:07.880235910 CET192.168.2.51.1.1.10x8ea0Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.361521959 CET192.168.2.51.1.1.10xfa98Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.369076014 CET192.168.2.51.1.1.10x9c16Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.334954977 CET192.168.2.51.1.1.10xd610Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.832295895 CET192.168.2.51.1.1.10x2c2eStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.166635036 CET192.168.2.51.1.1.10xcba9Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.177284002 CET192.168.2.51.1.1.10x611fStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.704682112 CET192.168.2.51.1.1.10xd829Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.950867891 CET192.168.2.51.1.1.10x9a81Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.959188938 CET192.168.2.51.1.1.10x2ac6Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.966701984 CET192.168.2.51.1.1.10x2030Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.459670067 CET192.168.2.51.1.1.10x42cdStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.467577934 CET192.168.2.51.1.1.10x3addStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                DNS Answers

                                                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.251286030 CET1.1.1.1192.168.2.50x3728No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:36.282191992 CET1.1.1.1192.168.2.50x8a2fNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.354454994 CET1.1.1.1192.168.2.50xd52No error (0)youtube.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359723091 CET1.1.1.1192.168.2.50xffa8No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359723091 CET1.1.1.1192.168.2.50xffa8No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.359723091 CET1.1.1.1192.168.2.50xffa8No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.367327929 CET1.1.1.1192.168.2.50x2306No error (0)youtube.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.370757103 CET1.1.1.1192.168.2.50xee39No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.374649048 CET1.1.1.1192.168.2.50x7d92No error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.379347086 CET1.1.1.1192.168.2.50x4e45No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.735012054 CET1.1.1.1192.168.2.50x43b3No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.744601965 CET1.1.1.1192.168.2.50xc4a6No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836007118 CET1.1.1.1192.168.2.50x5ca5No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836007118 CET1.1.1.1192.168.2.50x5ca5No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836488008 CET1.1.1.1192.168.2.50xa0a2No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.836488008 CET1.1.1.1192.168.2.50xa0a2No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.845001936 CET1.1.1.1192.168.2.50x5a9No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.850415945 CET1.1.1.1192.168.2.50x41ecNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.279758930 CET1.1.1.1192.168.2.50x21b0No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.279758930 CET1.1.1.1192.168.2.50x21b0No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.279758930 CET1.1.1.1192.168.2.50x21b0No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.279758930 CET1.1.1.1192.168.2.50x21b0No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.280966043 CET1.1.1.1192.168.2.50xb174No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.280966043 CET1.1.1.1192.168.2.50xb174No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476922989 CET1.1.1.1192.168.2.50xc8b8No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476922989 CET1.1.1.1192.168.2.50xc8b8No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.476922989 CET1.1.1.1192.168.2.50xc8b8No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.478974104 CET1.1.1.1192.168.2.50xb5f2No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.478974104 CET1.1.1.1192.168.2.50xb5f2No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.478974104 CET1.1.1.1192.168.2.50xb5f2No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.490592957 CET1.1.1.1192.168.2.50x8cb4No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.498058081 CET1.1.1.1192.168.2.50xaaeaNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.577388048 CET1.1.1.1192.168.2.50xc4deNo error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.577388048 CET1.1.1.1192.168.2.50xc4deNo error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.577388048 CET1.1.1.1192.168.2.50xc4deNo error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.577388048 CET1.1.1.1192.168.2.50xc4deNo error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585721016 CET1.1.1.1192.168.2.50xe82aNo error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585721016 CET1.1.1.1192.168.2.50xe82aNo error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.585721016 CET1.1.1.1192.168.2.50xe82aNo error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.595088005 CET1.1.1.1192.168.2.50xe542No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.603178978 CET1.1.1.1192.168.2.50x107dNo error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.603178978 CET1.1.1.1192.168.2.50x107dNo error (0)shavar.prod.mozaws.net52.35.152.253A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.603178978 CET1.1.1.1192.168.2.50x107dNo error (0)shavar.prod.mozaws.net52.35.181.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.170516968 CET1.1.1.1192.168.2.50x76a4No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.177175999 CET1.1.1.1192.168.2.50xdf0No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.177175999 CET1.1.1.1192.168.2.50xdf0No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.197444916 CET1.1.1.1192.168.2.50x5e87No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.239542961 CET1.1.1.1192.168.2.50xf1b9No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.249080896 CET1.1.1.1192.168.2.50x34e4No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.456878901 CET1.1.1.1192.168.2.50xcbe7No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.456878901 CET1.1.1.1192.168.2.50xcbe7No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.483623028 CET1.1.1.1192.168.2.50x54beNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.678558111 CET1.1.1.1192.168.2.50xb973No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com172.217.23.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.849773884 CET1.1.1.1192.168.2.50xea09No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850672007 CET1.1.1.1192.168.2.50x828fNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850672007 CET1.1.1.1192.168.2.50x828fNo error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850866079 CET1.1.1.1192.168.2.50xe106No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.850866079 CET1.1.1.1192.168.2.50xe106No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.857808113 CET1.1.1.1192.168.2.50x1b54No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.864888906 CET1.1.1.1192.168.2.50x87c2No error (0)star-mini.c10r.facebook.com157.240.0.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.864950895 CET1.1.1.1192.168.2.50xc06aNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865678072 CET1.1.1.1192.168.2.50x8777No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865678072 CET1.1.1.1192.168.2.50x8777No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865678072 CET1.1.1.1192.168.2.50x8777No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.865678072 CET1.1.1.1192.168.2.50x8777No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872210026 CET1.1.1.1192.168.2.50x27a0No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872539997 CET1.1.1.1192.168.2.50xa399No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET1.1.1.1192.168.2.50x7296No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET1.1.1.1192.168.2.50x7296No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET1.1.1.1192.168.2.50x7296No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET1.1.1.1192.168.2.50x7296No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.872998953 CET1.1.1.1192.168.2.50x7296No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.880069971 CET1.1.1.1192.168.2.50x1edcNo error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.880069971 CET1.1.1.1192.168.2.50x1edcNo error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.880069971 CET1.1.1.1192.168.2.50x1edcNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.880069971 CET1.1.1.1192.168.2.50x1edcNo error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896682978 CET1.1.1.1192.168.2.50xad19No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896682978 CET1.1.1.1192.168.2.50xad19No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896682978 CET1.1.1.1192.168.2.50xad19No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896682978 CET1.1.1.1192.168.2.50xad19No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896878004 CET1.1.1.1192.168.2.50x1b68No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896878004 CET1.1.1.1192.168.2.50x1b68No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896878004 CET1.1.1.1192.168.2.50x1b68No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.896878004 CET1.1.1.1192.168.2.50x1b68No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.208308935 CET1.1.1.1192.168.2.50xd3ddNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.208308935 CET1.1.1.1192.168.2.50xd3ddNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.208308935 CET1.1.1.1192.168.2.50xd3ddNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.208308935 CET1.1.1.1192.168.2.50xd3ddNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.216314077 CET1.1.1.1192.168.2.50xca98No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.216314077 CET1.1.1.1192.168.2.50xca98No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.216314077 CET1.1.1.1192.168.2.50xca98No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.216314077 CET1.1.1.1192.168.2.50xca98No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.225033045 CET1.1.1.1192.168.2.50xd1fbNo error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.225033045 CET1.1.1.1192.168.2.50xd1fbNo error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.225033045 CET1.1.1.1192.168.2.50xd1fbNo error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.225033045 CET1.1.1.1192.168.2.50xd1fbNo error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.695905924 CET1.1.1.1192.168.2.50x94dfNo error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.695905924 CET1.1.1.1192.168.2.50x94dfNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.714262962 CET1.1.1.1192.168.2.50xb71bNo error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.795789003 CET1.1.1.1192.168.2.50x3f5No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.795789003 CET1.1.1.1192.168.2.50x3f5No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.795789003 CET1.1.1.1192.168.2.50x3f5No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.795789003 CET1.1.1.1192.168.2.50x3f5No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.221930027 CET1.1.1.1192.168.2.50x49b5No error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.221930027 CET1.1.1.1192.168.2.50x49b5No error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.221930027 CET1.1.1.1192.168.2.50x49b5No error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.221930027 CET1.1.1.1192.168.2.50x49b5No error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.221930027 CET1.1.1.1192.168.2.50x49b5No error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.232944012 CET1.1.1.1192.168.2.50x6b21No error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.232944012 CET1.1.1.1192.168.2.50x6b21No error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.242445946 CET1.1.1.1192.168.2.50xfab9No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.242445946 CET1.1.1.1192.168.2.50xfab9No error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.368376970 CET1.1.1.1192.168.2.50xfa98No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.325948954 CET1.1.1.1192.168.2.50x61eeNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.839350939 CET1.1.1.1192.168.2.50x2c2eNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.839350939 CET1.1.1.1192.168.2.50x2c2eNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.839350939 CET1.1.1.1192.168.2.50x2c2eNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.176115990 CET1.1.1.1192.168.2.50xcba9No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.711730957 CET1.1.1.1192.168.2.50xd829No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.711730957 CET1.1.1.1192.168.2.50xd829No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.711730957 CET1.1.1.1192.168.2.50xd829No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.957928896 CET1.1.1.1192.168.2.50x9a81No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:29.966145039 CET1.1.1.1192.168.2.50x2ac6No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.466382027 CET1.1.1.1192.168.2.50x42cdNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.466382027 CET1.1.1.1192.168.2.50x42cdNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.466382027 CET1.1.1.1192.168.2.50x42cdNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.474725008 CET1.1.1.1192.168.2.50x3addNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                                                • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                                                HTTP Packets

                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                0192.168.2.54971334.107.221.82806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.414896965 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:37.868638039 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15067
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                1192.168.2.54972034.107.221.82806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.490480900 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.113128901 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 00:42:17 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 73341
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success


                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                2192.168.2.54972234.107.221.82806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:38.659492970 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:39.403590918 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15069
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.358946085 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.616848946 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15070
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.637954950 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:44.736957073 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15074
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.544256926 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.643807888 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15075
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.626487970 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.741803885 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15081
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.649660110 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.001131058 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15082
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.851610899 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:54.952935934 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15084
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.103810072 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.202758074 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15088
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.676726103 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.787203074 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15095
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.167604923 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.266982079 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15096
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.696491003 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.794687033 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15096
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.351660013 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.451359987 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15098
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.509049892 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.607745886 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15104
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.616559029 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.882033110 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.987643003 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15118
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.831706047 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.930212021 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15125
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:45.950413942 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:55.978846073 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:05.986037016 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.704560041 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.802890062 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15159
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.824846983 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.838531971 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.851947069 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.865135908 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.877862930 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.890831947 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.459357023 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.557986975 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 16:53:30 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 15240
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                3192.168.2.54972634.107.221.82806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:40.368793011 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache


                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                4192.168.2.54972834.107.221.82806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.027193069 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:41.769440889 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78329
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.231462002 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:45.326873064 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78333
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.407943010 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:51.503206968 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78339
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.377043962 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:52.703695059 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78340
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.280939102 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:53.392955065 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78341
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.076174974 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:55.171936989 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78343
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.206315994 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:04:58.301981926 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78346
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.791939974 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:05.887111902 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78353
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.269695044 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.364823103 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78354
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.797815084 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.893630028 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78354
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.456640005 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:08.551512003 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78356
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.611602068 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:14.707130909 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78362
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:24.716830015 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:28.990797043 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:29.087587118 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78377
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:35.933475971 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:36.028903008 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78383
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:46.050740957 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:56.079143047 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:06.086355925 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.815839052 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:09.911612034 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78417
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:19.925086975 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:29.938877106 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:39.952128887 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:49.965338945 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:06:59.978224993 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:09.991085052 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.561669111 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:07:30.657083035 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                Date: Tue, 11 Feb 2025 23:19:12 GMT
                                                                                                                                                                                                                                                                                                                                                                Age: 78498
                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: success


                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                5192.168.2.5541782.22.61.59806160C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.228746891 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863368988 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Fri, 07 Feb 2025 06:55:57 GMT
                                                                                                                                                                                                                                                                                                                                                                ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                                                Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                X-Timestamp: 1738911356.44453
                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                                                X-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1
                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=72814
                                                                                                                                                                                                                                                                                                                                                                Expires: Thu, 13 Feb 2025 17:18:40 GMT
                                                                                                                                                                                                                                                                                                                                                                Date: Wed, 12 Feb 2025 21:05:06 GMT
                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863430977 CET1236INData Raw: c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5 ff
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*dIUkq9[dv
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.863466024 CET448INData Raw: 05 c4 dc 61 8a ee 89 36 03 dd 1b 08 cd 40 d9 ea 04 bd 6e 44 fc 07 c7 c5 f9 37 23 49 13 20 6b 79 26 c2 ef b5 cf c4 f9 36 c0 ee 95 21 56 4f bf 34 ab 1d 51 ac fe f7 81 91 58 5d 54 d5 5a 44 59 dd bb 12 e9 2b 02 56 4f 8f 9f b8 ad c8 db ba c2 58 de 72
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: a6@nD7#I ky&6!VO4QX]TZDY+VOXrm!m%R4Re"*2Xohu}G9gVP8ghhlW4CUR7wv$Y`X%k|h``\"^w\>(y':@V6
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864625931 CET1236INData Raw: e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b 6a
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864656925 CET224INData Raw: b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e 58
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864722013 CET1236INData Raw: eb 24 12 e0 ac 6a 27 38 ab da 2b 98 e3 b0 97 91 65 1e 2c a3 90 8b 66 61 cb 4b 09 68 7b 4e e6 74 fb f6 81 dd 76 c8 5c 68 3a 36 e5 78 dc 6f bc 05 f0 58 ee 25 0f 4e f7 f2 f7 b3 c0 09 b0 c8 4f 64 83 67 80 01 e2 6c c4 b6 64 6a ae 0f 40 40 85 ac 25 53
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: $j'8+e,faKh{Ntv\h:6xoX%NOdgldj@@%Sh."Sm%n47F}rm8=QadNq|Ok7j.Civ(Ny+:*IShRP_? 9PvW3"fd 'OR{G.
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.864754915 CET224INData Raw: 44 ba 24 59 27 05 cb 0d 31 f6 0d 96 5a 48 42 f9 e5 46 a2 7f fd 69 30 28 db 43 91 67 4d 51 a3 a3 cc 1f 25 45 d1 fa 7c 4f 3c ad ef 3f 78 c9 28 73 d1 a7 23 47 99 ef bc 74 84 e4 1b d1 51 66 6d f5 16 17 62 7e 3f 36 08 b2 eb 02 f9 7f bc 9c 46 1f 4c 3d
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: D$Y'1ZHBFi0(CgMQ%E|O<?x(s#GtQfmb~?6FL=)L"+b=vl?/YG.g#sp\|792):\|$5hsO93rAdSYK{Y.K32Ny7]
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867491961 CET1236INData Raw: a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48 6c
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: !Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867511034 CET1236INData Raw: 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd 94
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.867526054 CET448INData Raw: 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3 e8
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                                                Feb 12, 2025 22:05:06.870140076 CET1236INData Raw: ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd 87
                                                                                                                                                                                                                                                                                                                                                                Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1


                                                                                                                                                                                                                                                                                                                                                                Statistics

                                                                                                                                                                                                                                                                                                                                                                CPU Usage

                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                Memory Usage

                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                                Behavior

                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                System Behavior

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:0
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:28
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x5a0000
                                                                                                                                                                                                                                                                                                                                                                File size:968'704 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:49C6332D7DDFAEC6D999414F35ED665D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:2
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:29
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0xa80000
                                                                                                                                                                                                                                                                                                                                                                File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:3
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:29
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:4
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0xa80000
                                                                                                                                                                                                                                                                                                                                                                File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:5
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:6
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0xa80000
                                                                                                                                                                                                                                                                                                                                                                File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:7
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:8
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0xa80000
                                                                                                                                                                                                                                                                                                                                                                File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:9
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:31
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:10
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:32
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0xa80000
                                                                                                                                                                                                                                                                                                                                                                File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:11
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:32
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:12
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:32
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:13
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:32
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:14
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:32
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:16
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:33
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2184 -parentBuildID 20230927232528 -prefsHandle 2132 -prefMapHandle 2128 -prefsLen 25308 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4462b6ba-8661-4864-b08d-51ab7b5f4cf6} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a0736df10 socket
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:17
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:35
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4140 -parentBuildID 20230927232528 -prefsHandle 3976 -prefMapHandle 3888 -prefsLen 26338 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86938175-9509-4ff7-a417-23325ed0359c} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a197d8b10 rdd
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                Target ID:19
                                                                                                                                                                                                                                                                                                                                                                Start time:16:04:43
                                                                                                                                                                                                                                                                                                                                                                Start date:12/02/2025
                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5028 -prefMapHandle 5016 -prefsLen 33119 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {759d927b-34cc-45ee-91d7-b87fecc7d62f} 6160 "\\.\pipe\gecko-crash-server-pipe.6160" 22a2323f910 utility
                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff79f9e0000
                                                                                                                                                                                                                                                                                                                                                                File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                Disassembly

                                                                                                                                                                                                                                                                                                                                                                Reset < >