Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
random.exe

Overview

General Information

Sample name:random.exe
Analysis ID:1615904
MD5:bca58035430238fde9990df16040d699
SHA1:12e1f30c10f8d228e70d28bd6e315679d91aa46e
SHA256:6c64e6e99e9173fd2233d7f6afe27d80d47a377eaa624ee1ca7cc0df803c5cbb
Tags:CredentialFlusherexeuser-aachum
Infos:

Detection

Credential Flusher
Score:76
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Joe Sandbox ML detected suspicious sample
Connects to many different domains
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Drops PE files
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes

Classification

Process Tree

  • System is w10x64
  • random.exe (PID: 7344 cmdline: "C:\Users\user\Desktop\random.exe" MD5: BCA58035430238FDE9990DF16040D699)
    • taskkill.exe (PID: 7416 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7424 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7512 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7520 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7576 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7584 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7640 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7648 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • taskkill.exe (PID: 7708 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 7716 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • firefox.exe (PID: 7796 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • firefox.exe (PID: 7828 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 7844 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 8084 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2280 -parentBuildID 20230927232528 -prefsHandle 2212 -prefMapHandle 2192 -prefsLen 25302 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2eb8d58-80a5-43e1-9d87-68a417caddbb} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8deb70510 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7700 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4364 -parentBuildID 20230927232528 -prefsHandle 3272 -prefMapHandle 1192 -prefsLen 26317 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6226335b-133b-4645-a31d-b8450eb35a66} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f0038810 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1496 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5516 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 3364 -prefMapHandle 3368 -prefsLen 33202 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7868ebf1-24a1-4c81-8237-efed4182eb8b} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f1b49710 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: random.exe PID: 7344JoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: random.exeAvira: detected
    Multi AV Scanner detection for submitted file
    Source: random.exeVirustotal: Detection: 30%Perma Link
    Source: random.exeReversingLabs: Detection: 29%
    Joe Sandbox ML detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.4% probability
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.7:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.7:49770 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49846 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:49881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:49882 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49943 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49944 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.7:49946 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49953 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49952 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49954 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49955 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50025 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50028 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50026 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50029 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50030 version: TLS 1.2
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000F.00000003.1595696920.000001C8F9C01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000F.00000003.1604228145.000001C8EE533000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000F.00000003.1585523050.000001C8F20EF000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000F.00000003.1604228145.000001C8EE533000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000F.00000003.1602770667.000001C8EE52D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1600854294.000001C8EE52C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000F.00000003.1574569442.000001C8F10AA000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000F.00000003.1595696920.000001C8F9C01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb@ source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1576274148.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000F.00000003.1589939227.000001C8F100E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1575034380.000001C8F1007000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1576274148.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000F.00000003.1602770667.000001C8EE52D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1600854294.000001C8EE52C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000F.00000003.1570454408.000001C8F25DF000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,1_2_0051DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004EC2A2 FindFirstFileExW,1_2_004EC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005268EE FindFirstFileW,FindClose,1_2_005268EE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,1_2_0052698F
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,1_2_0051D076
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,1_2_0051D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00529642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,1_2_00529642
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,1_2_0052979D
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00529B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,1_2_00529B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00525C97 FindFirstFileW,FindNextFileW,FindClose,1_2_00525C97
    Source: firefox.exeMemory has grown: Private usage: 1MB later: 201MB
    Source: unknownNetwork traffic detected: DNS query count 33
    Source: Joe Sandbox ViewIP Address: 151.101.1.91 151.101.1.91
    Source: Joe Sandbox ViewIP Address: 2.22.61.56 2.22.61.56
    Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
    Source: Joe Sandbox ViewIP Address: 34.49.51.44 34.49.51.44
    Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052CE44 InternetReadFile,SetEvent,GetLastError,SetEvent,1_2_0052CE44
    Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKLast-Modified: Fri, 07 Feb 2025 06:55:57 GMTETag: 85430baed3398695717b0263807cf97cContent-Length: 453023Accept-Ranges: bytesX-Timestamp: 1738911356.44453Content-Type: application/zipX-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1Cache-Control: public, max-age=246080Expires: Tue, 18 Feb 2025 12:52:23 GMTDate: Sat, 15 Feb 2025 16:31:03 GMTConnection: keep-aliveData Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 8e 6f 7e 76 61 a8 ac 9f b9 d9 3c 5a 97 c6 31 2e 23 c3 8c 4f a0 65 19 99 a3 19 c6 44 93 eb 58 fc 8b 69 1d c3 24 69 6d 42 57 c6 c3 51 26 be ba c1 04 b7 cb d9 50 a3 d0 e5 c2 bc 9a 2c 4d e4 98 2c a8 bd 3a 89 63 ac d1 cc 2d e5 98 0d 12 5c 9f e5 98 ce 1b e1 fa 2a c7 d4 01 8a ce 2d 69 cc 9c 4b 8c 49 f6 d6 34 86 61 a3 0a 36 18 99 2a dd c5 eb 4f 76 3d b6 d2 05 57 cb d3 46 b5 43 48 bb 3e b6 8e 99 61 ca 27 af 78 f4 11 d7 23 40 66 8d 8e c2 64 d6 c1 75 a5 31 a6 9e 0d fe 4f 56 ab 31 6f 7d 1b 09 84 0e 67 c2 35 90 16 5f cf 33 b9 4a ad 48 69 04 5a 99 69 70 4d e7 2e 84 b7 62 b9 5a 11 86 81 f9 25 dc 47 94 8b 46 aa f7 d8 d2 e5 15 0c e5 11 f2 8a d2 f2 f8 05 f5 0a 2f ce 89 ff 33 ff 71 9b d9 4a af c7 d0 f2 b6 f6 6f de 03 b3 25 f7 67 d9 4e d2 2a 91 7d 12 d9 29 c9 33 0d 4e 25 f1 21 b7 91 71 2a a9 0b e0 e2 eb b8 8b 81 b4 f1 5e 49 9e 6d 90 c8 7e 07 09 f8 36 dd 85 23 e9 7e 2b fb c1 87 17 85 41 d1 7f 12 49 5d 72 03 c7 e4 78 b4 e2 b9 2a 82 3c 49 59 6a c9 96 da ec cc 70 30 18 8c 60 53 ae 4d 40 14 45 f7 8f 66 ea 3d ae 3b 21 cf 40 1e b0 f8 be 0d 45 c4 bb 05 45 bb be a3 fa 9e ad 1b 20 e1 9b 9c 30 1a 6e da 03 12 f1 4a 64 c8 b7 1c 64 d2 7f fd d6 06 bc 75 4d ec 2d 94 71 49 c6 6c 52 8e 07 7a 9a 07 3d 7d a8 a5 72 83 44 e6 58 4c 5a a7 ac 92 f2 78 b6 24 97 04 7c 63 a1 31 d2 63 55 6b 4d e6 26 d6 51 6e 5d ac fe 61 5d 74 fd 68 fa a1 2a d4 b4 21 b9 36 20 37 80 e4 4a 64 af 44 76 4b 4a 22 57 67 64 2a 25 6e 99 07 d2 bf 77 ab e9 f6 4a 6e 69 fb 69 6e 6d 72 9b 40 4d 85 24 27 5a c7 73 8c 04 ec 18 23 29 25 Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1Host: ciscobinary.openh264.orgUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
    Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
    Source: firefox.exe, 0000000F.00000003.1555822212.000001C8EE6E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1580916953.000001C8F0BD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1580777580.000001C8F0BE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.youtube.com/* equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374940A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B360C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374940A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B360C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
    Source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374940A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B360C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1580777580.000001C8F0BE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://2a8a4ba3-32a0-495a-bbc2-63871e7b7005/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
    Source: firefox.exe, 0000000F.00000003.1570454408.000001C8F25DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
    Source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
    Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: youtube.com
    Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
    Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
    Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: example.org
    Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
    Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: shavar.prod.mozaws.net
    Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: support.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: us-west1.prod.sumo.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
    Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: www.youtube.com
    Source: global trafficDNS traffic detected: DNS query: www.facebook.com
    Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
    Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
    Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
    Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
    Source: global trafficDNS traffic detected: DNS query: www.reddit.com
    Source: global trafficDNS traffic detected: DNS query: twitter.com
    Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
    Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
    Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
    Source: global trafficDNS traffic detected: DNS query: normandy.tombstone.experimenter.prod.webservices.mozgcp.net
    Source: global trafficDNS traffic detected: DNS query: a19.dscg10.akamai.net
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
    Source: firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
    Source: firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
    Source: firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
    Source: firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
    Source: firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%s
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
    Source: firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
    Source: firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
    Source: firefox.exe, 0000000F.00000003.1579756573.000001C8F0A9E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1575034380.000001C8F102D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
    Source: firefox.exe, 0000000F.00000003.1586702952.000001C8F1F74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CEF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
    Source: firefox.exe, 0000000F.00000003.1567853672.000001C8F2ABA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
    Source: firefox.exe, 0000000F.00000003.1441828824.000001C8F0BA7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1496171786.000001C8F0B94000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508674011.000001C8F0BA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1509285539.000001C8F0BC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
    Source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
    Source: firefox.exe, 0000000F.00000003.1605133325.000001C8EE6C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380653557.000001C8EE6B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1543360638.000001C8F0B6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1538118753.000001C8F1CCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1555371164.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1604193316.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438958358.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508244496.000001C8F0E21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1537933217.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1574569442.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508727168.000001C8F27E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1481499556.000001C8EE995000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1522813594.000001C8F0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1516925411.000001C8EE678000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1542452096.000001C8F0E31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1507553009.000001C8F0B70000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1557079862.000001C8F0BA7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1496364346.000001C8F0B6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1604193316.000001C8EE9A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426722211.000001C8F10D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.digicert.com0C
    Source: firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.digicert.com0N
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ocsp.thawte.com0
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000F.00000003.1574569442.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1589106620.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
    Source: firefox.exe, 0000000F.00000003.1574569442.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1589106620.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: http://www.mozilla.com0
    Source: firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
    Source: firefox.exe, 0000000F.00000003.1577833826.000001C8F0C22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
    Source: firefox.exe, 00000013.00000003.1412572226.000002374A13D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2572651885.000002374A13D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000003.1416153063.000002374A13D000.00000004.00000020.00020000.00000000.sdmp, mozilla-temp-41.15.drString found in binary or memory: http://www.videolan.org/x264.html
    Source: firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://youtube.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
    Source: firefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
    Source: firefox.exe, 0000000F.00000003.1425864427.000001C8F26AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569732925.000001C8F26AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
    Source: firefox.exe, 0000000F.00000003.1577833826.000001C8F0C0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
    Source: firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
    Source: firefox.exe, 0000000F.00000003.1561238368.000001C8F70A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567115194.000001C8F70A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
    Source: firefox.exe, 0000000F.00000003.1570454408.000001C8F25DF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
    Source: firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
    Source: firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta
    Source: firefox.exe, 0000000F.00000003.1574569442.000001C8F10DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
    Source: firefox.exe, 0000000F.00000003.1536717092.000001C8EE990000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
    Source: firefox.exe, 0000000F.00000003.1535062203.000001C8EE9DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
    Source: firefox.exe, 0000000F.00000003.1534332997.000001C8EE85D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1536717092.000001C8EE990000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
    Source: firefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425367515.000001C8F6E9F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
    Source: firefox.exe, 0000000F.00000003.1426697697.000001C8F1B20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
    Source: firefox.exe, 0000000F.00000003.1410160897.000001C8F275D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
    Source: firefox.exe, 0000000F.00000003.1555822212.000001C8EE6E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1580916953.000001C8F0BD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000F.00000003.1522813594.000001C8F0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508244496.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1542452096.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
    Source: firefox.exe, 0000000F.00000003.1410160897.000001C8F275D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
    Source: firefox.exe, 0000000F.00000003.1506497969.000001C8F0B7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1443674244.000001C8F0B7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1507514036.000001C8F0B7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
    Source: firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2ACE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567576211.000001C8F2AC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749412000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B3613000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1431547931.000001C8F03CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1431547931.000001C8F03CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/f0f51715-7f5e-48de-839
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
    Source: firefox.exe, 0000000F.00000003.1561238368.000001C8F7092000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567115194.000001C8F709A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2ACE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567576211.000001C8F2AC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749412000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B3613000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
    Source: firefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
    Source: firefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
    Source: firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374942F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B3630000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
    Source: firefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
    Source: firefox.exe, 0000000F.00000003.1568820766.000001C8F2873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
    Source: firefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
    Source: firefox.exe, 0000000F.00000003.1410160897.000001C8F275D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
    Source: firefox.exe, 0000000F.00000003.1438958358.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1520982991.000001C8F27DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1410858428.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
    Source: firefox.exe, 0000000F.00000003.1438958358.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1520982991.000001C8F27DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1410858428.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
    Source: firefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
    Source: firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
    Source: firefox.exe, 0000000F.00000003.1538118753.000001C8F1CA7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1478074909.000001C8EF313000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1520923964.000001C8F1CE5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1478633677.000001C8EF316000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1555822212.000001C8EE6E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1517968906.000001C8F1CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1562958792.000001C8F6FFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
    Source: firefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
    Source: firefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
    Source: firefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
    Source: firefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
    Source: firefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
    Source: firefox.exe, 0000000F.00000003.1568651115.000001C8F2890000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
    Source: prefs-1.js.15.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
    Source: firefox.exe, 00000015.00000002.2566028318.000001A2B36F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
    Source: firefox.exe, 0000000F.00000003.1575937477.000001C8F0DBB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/c64c6f01-8799-4fcf-bd12-cf948
    Source: firefox.exe, 0000000F.00000003.1592950969.000001C8F0AC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/messaging-system/1/01e461df-d85d-4561-
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/32dae8e3-180f-4a84-a661-1b23
    Source: firefox.exe, 0000000F.00000003.1592950969.000001C8F0AC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/2577fbb9-de80-448f
    Source: firefox.exe, 0000000F.00000003.1592950969.000001C8F0AC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/6fac358f-d108-452f
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
    Source: firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
    Source: firefox.exe, 0000000F.00000003.1555822212.000001C8EE6E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1580916953.000001C8F0BD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
    Source: firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9E72000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749486000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B368F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
    Source: firefox.exe, 00000013.00000002.2564823303.0000023749486000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggestabout
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
    Source: firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mochitest.youtube.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
    Source: firefox.exe, 0000000F.00000003.1597887366.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1599837567.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1595276309.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1582650813.000001C8EE4E0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1601464352.000001C8EE4DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
    Source: firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
    Source: firefox.exe, 0000000F.00000003.1496765663.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/page/
    Source: firefox.exe, 0000000F.00000003.1496765663.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/player/
    Source: firefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
    Source: firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s4
    Source: firefox.exe, 0000000F.00000003.1445654708.000001C8F0CEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://probeinfo.telemetry.mozilla.org/glean/repositories.
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
    Source: firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
    Source: firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
    Source: firefox.exe, 0000000F.00000003.1522813594.000001C8F0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508244496.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1542452096.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
    Source: firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
    Source: firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
    Source: firefox.exe, 0000000F.00000003.1426697697.000001C8F1B20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567576211.000001C8F2AC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749412000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B3613000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570454408.000001C8F25DF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494BC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B36F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
    Source: firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
    Source: firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
    Source: firefox.exe, 0000000F.00000003.1565779105.000001C8F72D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-def
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=spotlight
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
    Source: firefox.exe, 0000000F.00000003.1592401079.000001C8F0C91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
    Source: firefox.exe, 0000000F.00000003.1446731453.000001C8F0C93000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592950969.000001C8F0AC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590458226.000001C8F0DC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1575937477.000001C8F0DBB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1579756573.000001C8F0AC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592401079.000001C8F0C91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C8F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
    Source: firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
    Source: firefox.exe, 0000000F.00000003.1492504862.000001C8F1112000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
    Source: firefox.exe, 0000000F.00000003.1586557875.000001C8F1FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416084224.000001C8F1FBB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1572195975.000001C8F1FBB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
    Source: firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLK
    Source: firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
    Source: firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
    Source: firefox.exe, 0000000F.00000003.1570523154.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
    Source: firefox.exe, 0000000F.00000003.1410160897.000001C8F275D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
    Source: firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1507514036.000001C8F0B7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
    Source: gmpopenh264.dll.tmp.15.drString found in binary or memory: https://www.digicert.com/CPS0
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1FEE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
    Source: firefox.exe, 0000000F.00000003.1568820766.000001C8F2873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
    Source: firefox.exe, 0000000F.00000003.1425189478.000001C8F6EB4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1413142847.000001C8F2953000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
    Source: firefox.exe, 0000000F.00000003.1425593061.000001C8F6E33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
    Source: firefox.exe, 0000000F.00000003.1423943194.000001C8F70AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
    Source: firefox.exe, 0000000F.00000003.1496765663.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hulu.com/watch/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
    Source: firefox.exe, 0000000F.00000003.1496765663.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/
    Source: firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drString found in binary or memory: https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
    Source: firefox.exe, 0000000F.00000003.1565779105.000001C8F72D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569201212.000001C8F26F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425824546.000001C8F26F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
    Source: firefox.exe, 0000000F.00000003.1436883018.000001C8F706F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
    Source: firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
    Source: firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.jXqaKJMO4ZEP
    Source: firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1431547931.000001C8F03CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
    Source: firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.NYz0wxyUaYSW
    Source: firefox.exe, 0000000F.00000003.1592401079.000001C8F0C91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
    Source: targeting.snapshot.json.tmp.15.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1DCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d
    Source: firefox.exe, 0000000F.00000003.1592401079.000001C8F0C91000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
    Source: firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
    Source: firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B36F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
    Source: firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
    Source: firefox.exe, 0000000F.00000003.1568408529.000001C8F28BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
    Source: firefox.exe, 0000000F.00000003.1573761589.000001C8F1DCB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
    Source: firefox.exe, 0000000F.00000003.1540262306.000001C8F038F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
    Source: firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
    Source: firefox.exe, 0000000F.00000003.1558007232.000001C8EEDFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1555741868.000001C8EE6F5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1551710797.000001C8EE678000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1549942665.000001C8EE605000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1580777580.000001C8F0BDD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
    Source: firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
    Source: firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374940A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B360C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: firefox.exe, 0000000F.00000003.1584144609.000001C8F6E48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
    Source: firefox.exe, 0000000F.00000003.1416084224.000001C8F1F70000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
    Source: recovery.jsonlz4.tmp.15.drString found in binary or memory: https://youtube.com/account?=
    Source: firefox.exe, 00000015.00000002.2565291380.000001A2B3540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=ht
    Source: firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1529210173.000001C8F0B59000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1505994895.000001C8F0B59000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506223337.000001C8F0B48000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2565140807.00000291B9C94000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2565656829.00000291B9CA0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2565656829.00000291B9CAA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2562836965.000002374913A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2569457963.0000023749514000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2562836965.0000023749130000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2563292941.000001A2B32CA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2565291380.000001A2B3544000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
    Source: firefox.exe, 0000000D.00000002.1356600233.0000020009EB7000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.1367592207.000001683DE7F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
    Source: firefox.exe, 0000000F.00000003.1598774830.000001C8EE50F000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2565140807.00000291B9C94000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2565656829.00000291B9CA0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2569457963.0000023749514000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2562836965.0000023749130000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2565291380.000001A2B3544000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2563292941.000001A2B32C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
    Source: firefox.exe, 00000015.00000002.2563292941.000001A2B32C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdbo9Z
    Source: firefox.exe, 00000015.00000002.2563292941.000001A2B32CA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdvo9N
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
    Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50022 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
    Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
    Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
    Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
    Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
    Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
    Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
    Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
    Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
    Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
    Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
    Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49747 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.7:49761 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.7:49770 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49846 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49859 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:49881 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:49882 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49943 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49944 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.7:49946 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49953 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49952 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.7:49954 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.7:49955 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50027 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50023 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50025 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50024 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50028 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50026 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50029 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.7:50030 version: TLS 1.2
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,1_2_0052EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052ED6A OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,1_2_0052ED6A
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052EAFF OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,1_2_0052EAFF
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051AA57 GetKeyboardState,SetKeyboardState,PostMessageW,SendInput,1_2_0051AA57
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00549576 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,1_2_00549576

    System Summary

    barindex
    Binary is likely a compiled AutoIt script file
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.
    Source: random.exe, 00000001.00000000.1314397419.0000000000572000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_74035af0-4
    Source: random.exe, 00000001.00000000.1314397419.0000000000572000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_7086d2b0-d
    Source: random.exeString found in binary or memory: This is a third-party compiled AutoIt script.memstr_a25733bf-f
    Source: random.exeString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_a252d665-4
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749A92377 NtQuerySystemInformation,19_2_0000023749A92377
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749AB7E72 NtQuerySystemInformation,19_2_0000023749AB7E72
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D5EB: CreateFileW,DeviceIoControl,CloseHandle,1_2_0051D5EB
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00511201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,1_2_00511201
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051E8F6 ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,1_2_0051E8F6
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004BBF401_2_004BBF40
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005220461_2_00522046
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B80601_2_004B8060
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005182981_2_00518298
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004EE4FF1_2_004EE4FF
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004E676B1_2_004E676B
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005448731_2_00544873
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004BCAF01_2_004BCAF0
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004DCAA01_2_004DCAA0
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004CCC391_2_004CCC39
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004E6DD91_2_004E6DD9
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004CB1191_2_004CB119
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B91C01_2_004B91C0
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D13941_2_004D1394
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D17061_2_004D1706
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D781B1_2_004D781B
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004C997D1_2_004C997D
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B79201_2_004B7920
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D19B01_2_004D19B0
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D7A4A1_2_004D7A4A
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D1C771_2_004D1C77
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D7CA71_2_004D7CA7
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0053BE441_2_0053BE44
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004E9EEE1_2_004E9EEE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D1F321_2_004D1F32
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749A9237719_2_0000023749A92377
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749AB7E7219_2_0000023749AB7E72
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749AB859C19_2_0000023749AB859C
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749AB7EB219_2_0000023749AB7EB2
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004D0A30 appears 46 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004CF9F2 appears 40 times
    Source: C:\Users\user\Desktop\random.exeCode function: String function: 004B9CB3 appears 31 times
    Source: random.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
    Source: classification engineClassification label: mal76.troj.evad.winEXE@34/34@68/14
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005237B5 GetLastError,FormatMessageW,1_2_005237B5
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005110BF AdjustTokenPrivileges,CloseHandle,1_2_005110BF
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005116C3 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,1_2_005116C3
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005251CD SetErrorMode,GetDiskFreeSpaceExW,SetErrorMode,1_2_005251CD
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D4DC CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,1_2_0051D4DC
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052648E _wcslen,CoInitialize,CoCreateInstance,CoUninitialize,1_2_0052648E
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B42A2 CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,1_2_004B42A2
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7584:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7648:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7716:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7424:120:WilError_03
    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7520:120:WilError_03
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user~1\AppData\Local\Temp\firefoxJump to behavior
    Source: random.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
    Source: C:\Users\user\Desktop\random.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
    Source: firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
    Source: random.exeVirustotal: Detection: 30%
    Source: random.exeReversingLabs: Detection: 29%
    Source: unknownProcess created: C:\Users\user\Desktop\random.exe "C:\Users\user\Desktop\random.exe"
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
    Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
    Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2280 -parentBuildID 20230927232528 -prefsHandle 2212 -prefMapHandle 2192 -prefsLen 25302 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2eb8d58-80a5-43e1-9d87-68a417caddbb} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8deb70510 socket
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4364 -parentBuildID 20230927232528 -prefsHandle 3272 -prefMapHandle 1192 -prefsLen 26317 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6226335b-133b-4645-a31d-b8450eb35a66} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f0038810 rdd
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5516 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 3364 -prefMapHandle 3368 -prefsLen 33202 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7868ebf1-24a1-4c81-8237-efed4182eb8b} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f1b49710 utility
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blockingJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2280 -parentBuildID 20230927232528 -prefsHandle 2212 -prefMapHandle 2192 -prefsLen 25302 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2eb8d58-80a5-43e1-9d87-68a417caddbb} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8deb70510 socketJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4364 -parentBuildID 20230927232528 -prefsHandle 3272 -prefMapHandle 1192 -prefsLen 26317 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6226335b-133b-4645-a31d-b8450eb35a66} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f0038810 rddJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5516 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 3364 -prefMapHandle 3368 -prefsLen 33202 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7868ebf1-24a1-4c81-8237-efed4182eb8b} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f1b49710 utilityJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wsock32.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: version.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wininet.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: uxtheme.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: windows.storage.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wldp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: napinsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: pnrpnsp.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: wshbth.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: nlaapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: winrnr.dllJump to behavior
    Source: C:\Users\user\Desktop\random.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dllJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dllJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
    Source: random.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
    Source: Binary string: freebl3.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: webauthn.pdb source: firefox.exe, 0000000F.00000003.1595696920.000001C8F9C01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wininet.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: avrt.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdbGCTL source: firefox.exe, 0000000F.00000003.1604228145.000001C8EE533000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winsta.pdb source: firefox.exe, 0000000F.00000003.1585523050.000001C8F20EF000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: mswsock.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: WscApi.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: wshbth.pdb source: firefox.exe, 0000000F.00000003.1604228145.000001C8EE533000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000F.00000003.1602770667.000001C8EE52D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1600854294.000001C8EE52C000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nsi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000F.00000003.1574569442.000001C8F10AA000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000F.00000003.1595696920.000001C8F9C01000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: winmm.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb@ source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winrnr.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1576274148.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: msctf.pdb source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winnsi.pdb source: firefox.exe, 0000000F.00000003.1589939227.000001C8F100E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1575034380.000001C8F1007000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1576274148.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0D85000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: sspicli.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: twinapi.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000F.00000003.1579529092.000001C8F0AC9000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: urlmon.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: gmpopenh264.dll.tmp.15.dr
    Source: Binary string: NapiNSP.pdbUGP source: firefox.exe, 0000000F.00000003.1602770667.000001C8EE52D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1600854294.000001C8EE52C000.00000004.00000020.00020000.00000000.sdmp
    Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000F.00000003.1579284218.000001C8F0AFB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1592733055.000001C8F0AFE000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: winhttp.pdb source: firefox.exe, 0000000F.00000003.1567576211.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584722857.000001C8F2AED000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dxgi.pdb source: firefox.exe, 0000000F.00000003.1570454408.000001C8F25DF000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000F.00000003.1568115592.000001C8F28F2000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: devobj.pdb source: firefox.exe, 0000000F.00000003.1572195975.000001C8F1FAB000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: d3d11.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000F.00000003.1585905462.000001C8F2056000.00000004.00000800.00020000.00000000.sdmp
    Source: Binary string: srvcli.pdb source: firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
    Source: random.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,1_2_004B42DE
    Source: gmpopenh264.dll.tmp.15.drStatic PE information: section name: .rodata
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D0A76 push ecx; ret 1_2_004D0A89
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
    Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004CF98E GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,1_2_004CF98E
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00541C41 IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,1_2_00541C41
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

    Malware Analysis System Evasion

    barindex
    Found API chain indicative of sandbox detection
    Source: C:\Users\user\Desktop\random.exeSandbox detection routine: GetForegroundWindow, DecisionNode, Sleepgraph_1-94948
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749A92377 rdtsc 19_2_0000023749A92377
    Source: C:\Users\user\Desktop\random.exeAPI coverage: 3.8 %
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051DBBE lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,1_2_0051DBBE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004EC2A2 FindFirstFileExW,1_2_004EC2A2
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005268EE FindFirstFileW,FindClose,1_2_005268EE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052698F FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,1_2_0052698F
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D076 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,1_2_0051D076
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051D3A9 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,1_2_0051D3A9
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00529642 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,1_2_00529642
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052979D SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,1_2_0052979D
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00529B2B FindFirstFileW,Sleep,FindNextFileW,FindClose,1_2_00529B2B
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00525C97 FindFirstFileW,FindNextFileW,FindClose,1_2_00525C97
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,1_2_004B42DE
    Source: firefox.exe, 00000011.00000002.2572394391.00000291BA100000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll.
    Source: firefox.exe, 00000013.00000002.2570090082.0000023749980000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllt
    Source: firefox.exe, 00000015.00000002.2563292941.000001A2B32CA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW 7p
    Source: firefox.exe, 00000011.00000002.2565656829.00000291B9CAA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2562836965.000002374913A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2570090082.0000023749980000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: firefox.exe, 00000011.00000002.2571325695.00000291BA013000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
    Source: random.exe, 00000001.00000002.1412763148.0000000000DA0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWe/
    Source: firefox.exe, 00000015.00000002.2570089370.000001A2B3700000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW]
    Source: firefox.exe, 00000011.00000002.2572394391.00000291BA100000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2570090082.0000023749980000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
    Source: C:\Users\user\Desktop\random.exeProcess information queried: ProcessInformationJump to behavior
    Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 19_2_0000023749A92377 rdtsc 19_2_0000023749A92377
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0052EAA2 BlockInput,1_2_0052EAA2
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004E2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,1_2_004E2622
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,1_2_004B42DE
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D4CE8 mov eax, dword ptr fs:[00000030h]1_2_004D4CE8
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00510B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,1_2_00510B62
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: DebugJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004E2622 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,1_2_004E2622
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D083F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,1_2_004D083F
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D09D5 SetUnhandledExceptionFilter,1_2_004D09D5
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D0C21 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,1_2_004D0C21
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00511201 LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,1_2_00511201
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004F2BA5 KiUserCallbackDispatcher,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,1_2_004F2BA5
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0051B226 SendInput,keybd_event,1_2_0051B226
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_005322DA GetForegroundWindow,GetDesktopWindow,GetWindowRect,mouse_event,GetCursorPos,mouse_event,1_2_005322DA
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /TJump to behavior
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00510B62 GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,1_2_00510B62
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00511663 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,1_2_00511663
    Source: random.exeBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
    Source: random.exeBinary or memory string: Shell_TrayWnd
    Source: firefox.exe, 0000000F.00000003.1556310068.000001C8F9C01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004D0698 cpuid 1_2_004D0698
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0050D21C GetLocalTime,1_2_0050D21C
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_0050D27A GetUserNameW,1_2_0050D27A
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004EB952 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,1_2_004EB952
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_004B42DE GetVersionExW,GetCurrentProcess,IsWow64Process,LoadLibraryA,GetProcAddress,GetNativeSystemInfo,FreeLibrary,GetSystemInfo,GetSystemInfo,1_2_004B42DE

    Stealing of Sensitive Information

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7344, type: MEMORYSTR
    Source: random.exeBinary or memory string: WIN_81
    Source: random.exeBinary or memory string: WIN_XP
    Source: random.exeBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
    Source: random.exeBinary or memory string: WIN_XPe
    Source: random.exeBinary or memory string: WIN_VISTA
    Source: random.exeBinary or memory string: WIN_7
    Source: random.exeBinary or memory string: WIN_8

    Remote Access Functionality

    barindex
    Yara detected Credential Flusher
    Source: Yara matchFile source: Process Memory Space: random.exe PID: 7344, type: MEMORYSTR
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00531204 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,1_2_00531204
    Source: C:\Users\user\Desktop\random.exeCode function: 1_2_00531806 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,1_2_00531806

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire Infrastructure2
    Valid Accounts    		1
    Windows Management Instrumentation    		1
    DLL Side-Loading    		1
    Exploitation for Privilege Escalation    		2
    Disable or Modify Tools    		21
    Input Capture    		2
    System Time Discovery    		Remote Services1
    Archive Collected Data    		3
    Ingress Tool Transfer    		Exfiltration Over Other Network Medium1
    System Shutdown/Reboot
    CredentialsDomainsDefault Accounts1
    Native API    		2
    Valid Accounts    		1
    DLL Side-Loading    		1
    Deobfuscate/Decode Files or Information    		LSASS Memory1
    Account Discovery    		Remote Desktop Protocol21
    Input Capture    		12
    Encrypted Channel    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
    Extra Window Memory Injection    		2
    Obfuscated Files or Information    		Security Account Manager2
    File and Directory Discovery    		SMB/Windows Admin Shares3
    Clipboard Data    		3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
    Valid Accounts    		1
    DLL Side-Loading    		NTDS16
    System Information Discovery    		Distributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script21
    Access Token Manipulation    		1
    Extra Window Memory Injection    		LSA Secrets131
    Security Software Discovery    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts2
    Process Injection    		1
    Masquerading    		Cached Domain Credentials1
    Virtualization/Sandbox Evasion    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items2
    Valid Accounts    		DCSync3
    Process Discovery    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
    Virtualization/Sandbox Evasion    		Proc Filesystem1
    Application Window Discovery    		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
    Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
    Access Token Manipulation    		/etc/passwd and /etc/shadow1
    System Owner/User Discovery    		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
    IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron2
    Process Injection    		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1615904 Sample: random.exe Startdate: 15/02/2025 Architecture: WINDOWS Score: 76 45 youtube.com 2->45 47 youtube-ui.l.google.com 2->47 49 38 other IPs or domains 2->49 57 Antivirus / Scanner detection for submitted sample 2->57 59 Multi AV Scanner detection for submitted file 2->59 61 Yara detected Credential Flusher 2->61 63 2 other signatures 2->63 8 random.exe 2->8         started        11 firefox.exe 1 2->11         started        signatures3 process4 signatures5 65 Binary is likely a compiled AutoIt script file 8->65 67 Found API chain indicative of sandbox detection 8->67 13 taskkill.exe 1 8->13         started        15 taskkill.exe 1 8->15         started        17 taskkill.exe 1 8->17         started        23 3 other processes 8->23 19 firefox.exe 3 199 11->19         started        process6 dnsIp7 25 conhost.exe 13->25         started        27 conhost.exe 15->27         started        29 conhost.exe 17->29         started        51 youtube.com 172.217.16.206, 443, 49738, 49743 GOOGLEUS United States 19->51 53 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49744, 49762, 49763 GOOGLEUS United States 19->53 55 12 other IPs or domains 19->55 41 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 19->41 dropped 43 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 19->43 dropped 31 firefox.exe 1 19->31         started        33 firefox.exe 1 19->33         started        35 firefox.exe 1 19->35         started        37 conhost.exe 23->37         started        39 conhost.exe 23->39         started        file8 process9

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    random.exe31%VirustotalBrowse
    random.exe30%ReversingLabsWin32.Trojan.Generic
    random.exe100%AviraTR/ATRAPS.Gen

    Dropped Files

    SourceDetectionScannerLabelLink
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%VirustotalBrowse
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs
    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%VirustotalBrowse

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    No Antivirus matches

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    example.org
    		23.215.0.132
    		truefalse
      		high
      star-mini.c10r.facebook.com
      		157.240.253.35
      		truefalse
        		high
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		high
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		high
            twitter.com
            		104.244.42.129
            		truefalse
              		high
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		high
                shavar.prod.mozaws.net
                		52.24.11.115
                		truefalse
                  		high
                  services.addons.mozilla.org
                  		151.101.1.91
                  		truefalse
                    		high
                    dyna.wikimedia.org
                    		185.15.59.224
                    		truefalse
                      		high
                      prod.remote-settings.prod.webservices.mozgcp.net
                      		34.149.100.209
                      		truefalse
                        		high
                        contile.services.mozilla.com
                        		34.117.188.166
                        		truefalse
                          		high
                          youtube.com
                          		172.217.16.206
                          		truefalse
                            		high
                            prod.content-signature-chains.prod.webservices.mozgcp.net
                            		34.160.144.191
                            		truefalse
                              		high
                              a19.dscg10.akamai.net
                              		2.22.61.56
                              		truefalse
                                		high
                                youtube-ui.l.google.com
                                		216.58.206.46
                                		truefalse
                                  		high
                                  us-west1.prod.sumo.prod.webservices.mozgcp.net
                                  		34.149.128.2
                                  		truefalse
                                    		high
                                    reddit.map.fastly.net
                                    		151.101.129.140
                                    		truefalse
                                      		high
                                      ipv4only.arpa
                                      		192.0.0.170
                                      		truefalse
                                        		high
                                        prod.ads.prod.webservices.mozgcp.net
                                        		34.117.188.166
                                        		truefalse
                                          		high
                                          push.services.mozilla.com
                                          		34.107.243.93
                                          		truefalse
                                            		high
                                            normandy.tombstone.experimenter.prod.webservices.mozgcp.net
                                            		34.49.51.44
                                            		truefalse
                                              		high
                                              telemetry-incoming.r53-2.services.mozilla.com
                                              		34.120.208.123
                                              		truefalse
                                                		high
                                                www.reddit.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  spocs.getpocket.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content-signature-2.cdn.mozilla.net
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      support.mozilla.org
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        firefox.settings.services.mozilla.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          www.youtube.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            www.facebook.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              detectportal.firefox.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                normandy.cdn.mozilla.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  shavar.services.mozilla.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.wikipedia.org
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                            		high
                                                                            https://datastudio.google.com/embed/reporting/firefox.exe, 0000000F.00000003.1555822212.000001C8EE6E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1580916953.000001C8F0BD9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://www.mozilla.com0gmpopenh264.dll.tmp.15.drfalse
                                                                                		high
                                                                                https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000000F.00000003.1410160897.000001C8F275D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000011.00000002.2566457384.00000291B9E72000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749486000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B368F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://www.leboncoin.fr/firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://spocs.getpocket.com/spocsfirefox.exe, 0000000F.00000003.1425463659.000001C8F6E52000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://completion.amazon.com/search/complete?q=firefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000F.00000003.1561238368.000001C8F70A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567115194.000001C8F70A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000F.00000003.1583625514.000001C8F6EB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1561556153.000001C8F6EAB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://monitor.firefox.com/breach-details/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1507514036.000001C8F0B7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374277154.000001C8EE883000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://www.msn.comfirefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000F.00000003.1373886489.000001C8EE842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1374084070.000001C8EE863000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373389792.000001C8EE600000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-deffirefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://youtube.com/firefox.exe, 0000000F.00000003.1416084224.000001C8F1F70000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://content-signature-2.cdn.mozilla.net/firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLKfirefox.exe, 0000000F.00000003.1560314863.000001C8F7291000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://www.instagram.com/firefox.exe, 0000000F.00000003.1496765663.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1506091838.000001C8F0B4E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://api.accounts.firefox.com/v1firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://www.amazon.com/firefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://www.youtube.com/firefox.exe, 0000000F.00000003.1436860551.000001C8F7093000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.000002374940A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B360C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000F.00000003.1535062203.000001C8EE9DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.bbc.co.uk/firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000015.00000002.2566028318.000001A2B36C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://127.0.0.1:firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000F.00000003.1522813594.000001C8F0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508244496.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1542452096.000001C8F0E36000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://bugzilla.mofirefox.exe, 0000000F.00000003.1574569442.000001C8F10DA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://mitmdetection.services.mozilla.com/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000F.00000003.1437007974.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438404186.000001C8F0CE6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1577833826.000001C8F0C67000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://youtube.com/account?=recovery.jsonlz4.tmp.15.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpgfirefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://spocs.getpocket.com/firefox.exe, 0000000F.00000003.1426697697.000001C8F1B20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1567576211.000001C8F2AC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426493020.000001C8F258E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.0000023749412000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2566028318.000001A2B3613000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.iqiyi.com/firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://merino.services.mozilla.com/api/v1/suggestaboutfirefox.exe, 00000013.00000002.2564823303.0000023749486000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://monitor.firefox.com/user/dashboardfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://monitor.firefox.com/aboutfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          http://mozilla.org/MPL/2.0/.firefox.exe, 0000000F.00000003.1605133325.000001C8EE6C3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1380653557.000001C8EE6B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1543360638.000001C8F0B6E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1538118753.000001C8F1CCA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1555371164.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1604193316.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1569124477.000001C8F2852000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1438958358.000001C8F27DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508244496.000001C8F0E21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1537933217.000001C8EE9B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1574569442.000001C8F10E7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1508727168.000001C8F27E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1481499556.000001C8EE995000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1522813594.000001C8F0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1516925411.000001C8EE678000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1542452096.000001C8F0E31000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1507553009.000001C8F0B70000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1557079862.000001C8F0BA7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1496364346.000001C8F0B6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1604193316.000001C8EE9A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1426722211.000001C8F10D2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://account.bellmedia.cfirefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://youtube.com/firefox.exe, 0000000F.00000003.1436883018.000001C8F7078000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://login.microsoftonline.comfirefox.exe, 0000000F.00000003.1416084224.000001C8F1F54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://coverage.mozilla.orgfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://crl.thawte.com/ThawteTimestampingCA.crl0gmpopenh264.dll.tmp.15.drfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/f0f51715-7f5e-48de-839firefox.exe, 0000000F.00000003.1434651715.000001C8F0BBD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1437007974.000001C8F0C3D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        http://x1.c.lencr.org/0firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://x1.i.lencr.org/0firefox.exe, 0000000F.00000003.1569732925.000001C8F2689000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1425864427.000001C8F2689000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000F.00000003.1583465111.000001C8F708A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1436883018.000001C8F7083000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://infra.spec.whatwg.org/#ascii-whitespacefirefox.exe, 0000000F.00000003.1558822992.000001C8F275D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://mozilla-hub.atlassian.net/browse/SDK-405firefox.exe, 0000000F.00000003.1445654708.000001C8F0CEF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://blocked.cdn.mozilla.net/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://profiler.firefox.comfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://identity.mozilla.com/apps/relayfirefox.exe, 0000000F.00000003.1573761589.000001C8F1D1C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000F.00000003.1586557875.000001C8F1FC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1416084224.000001C8F1FBB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1572195975.000001C8F1FBB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://mail.yahoo.co.jp/compose/?To=%sfirefox.exe, 0000000F.00000003.1513034379.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1530622109.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1513967948.000001C8EAA7D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1503178962.000001C8EC132000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1376272518.000001C8EC133000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/firefox.exe, 0000000F.00000003.1576274148.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1590664502.000001C8F0DA5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    https://contile.services.mozilla.com/v1/tilesfirefox.exe, 0000000F.00000003.1445344240.000001C8F28B2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://www.amazon.co.uk/firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1583787897.000001C8F6E88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/firefox.exe, 0000000F.00000003.1587147633.000001C8F1D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1573761589.000001C8F1D88000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          https://monitor.firefox.com/user/preferencesfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://screenshots.firefox.com/firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://www.google.com/searchfirefox.exe, 0000000F.00000003.1423943194.000001C8F70AF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1373688919.000001C8EE822000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://gpuweb.github.io/gpuweb/firefox.exe, 0000000F.00000003.1426409346.000001C8F2647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1570406351.000001C8F2645000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://relay.firefox.com/api/v1/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.firefox.exe, 00000011.00000002.2566457384.00000291B9ECB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000013.00000002.2564823303.00000237494C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000015.00000002.2570463677.000001A2B3803000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.15.drfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      http://json-schema.org/draft-07/schema#-firefox.exe, 0000000F.00000003.1577736507.000001C8F0CE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1445654708.000001C8F0CDC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-reportfirefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://topsites.services.mozilla.com/cid/firefox.exe, 00000011.00000002.2571066847.00000291B9F00000.00000002.10000000.00040000.00000000.sdmp, firefox.exe, 00000013.00000002.2564013325.00000237492A0000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 00000015.00000002.2564984384.000001A2B3480000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                                            https://www.wykop.pl/firefox.exe, 0000000F.00000003.1425463659.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000003.1584016362.000001C8F6E77000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                              		high

                                                                                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                              52.24.11.115
                                                                                                                                                                                                                                                                              		shavar.prod.mozaws.netUnited States
                                                                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                              172.217.16.206
                                                                                                                                                                                                                                                                              		youtube.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              151.101.1.91
                                                                                                                                                                                                                                                                              		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                              		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                              2.22.61.56
                                                                                                                                                                                                                                                                              		a19.dscg10.akamai.netEuropean Union
                                                                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                              34.149.100.209
                                                                                                                                                                                                                                                                              		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.107.243.93
                                                                                                                                                                                                                                                                              		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.107.221.82
                                                                                                                                                                                                                                                                              		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              35.244.181.201
                                                                                                                                                                                                                                                                              		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.49.51.44
                                                                                                                                                                                                                                                                              		normandy.tombstone.experimenter.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.117.188.166
                                                                                                                                                                                                                                                                              		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                              35.190.72.216
                                                                                                                                                                                                                                                                              		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                              34.160.144.191
                                                                                                                                                                                                                                                                              		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                              34.120.208.123
                                                                                                                                                                                                                                                                              		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                              		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                              Private

                                                                                                                                                                                                                                                                              IP
                                                                                                                                                                                                                                                                              127.0.0.1

                                                                                                                                                                                                                                                                              General Information

                                                                                                                                                                                                                                                                              Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                              Analysis ID:1615904
                                                                                                                                                                                                                                                                              Start date and time:2025-02-15 17:29:23 +01:00
                                                                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                              Overall analysis duration:0h 6m 45s
                                                                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                              Number of analysed new started processes analysed:26
                                                                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                              Sample name:random.exe
                                                                                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                                                                                              Classification:mal76.troj.evad.winEXE@34/34@68/14
                                                                                                                                                                                                                                                                              EGA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 50%
                                                                                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                                                                                              • Successful, ratio: 96%
                                                                                                                                                                                                                                                                              • Number of executed functions: 49
                                                                                                                                                                                                                                                                              • Number of non-executed functions: 287
                                                                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                                                                              • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 216.58.206.42, 142.250.184.234, 142.250.185.142, 142.250.184.206, 13.107.246.45, 2.19.106.160, 20.109.210.53
                                                                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, ciscobinary.openh264.org, redirector.gvt1.com, otelrules.azureedge.net, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, safebrowsing.googleapis.com, aus5.mozilla.org, time.windows.com, location.services.mozilla.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                              Simulations

                                                                                                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                                                                                                              TimeTypeDescription
                                                                                                                                                                                                                                                                              11:30:35API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                                                                                                                                                              IPs

                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                              34.49.51.44random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                  https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                            4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                  151.101.1.91https://romantic-better-yoke.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OENR.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    http://fossil-gelatinous-ptarmigan.glitch.me/CaBvU.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      https://scandalous-seen-venom.glitch.me/public/get.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          https://www.flipsnack.com/B7888C66AED/meyer-fluegge-tenney/full-view.html__;!!BqA_fObfzgc!ex7N2NztsS_LXABRV28Y_cjkpGYOgsRqvMcPkcb2E7BfbzrV4VVJ8bhkkeSqbXxSzbSEF3RdbjYnfNKRfou4dDzgCsbZQoVY$Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                              https://www.aheadjaffna.org/exhibitionGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                https://hopp.bio/universeglobalcentGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  http://www.theparisienne.fr/shop/bannerhit.php?bn_id=2&url=http://5388621d.ced3ec1bace34c20d50a6ec129e22141.pages.dev/#YWxsaXNvbkBuZWxzb25ib3JtYW4uY28uemE=Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                    Iamgold.Policy-Staff POLICY-Payable.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      2.22.61.56random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                      • ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
                                                                                                                                                                                                                                                                                                                      34.149.100.209https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                          https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                  px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                          Domains

                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                          example.orghttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.132
                                                                                                                                                                                                                                                                                                                                          Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.133
                                                                                                                                                                                                                                                                                                                                          https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                          • 96.7.128.186
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 96.7.128.192
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.132
                                                                                                                                                                                                                                                                                                                                          https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.132
                                                                                                                                                                                                                                                                                                                                          YWih6T9PUp.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.133
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.132
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 96.7.128.186
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.215.0.132
                                                                                                                                                                                                                                                                                                                                          shavar.prod.mozaws.nethttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.208.172.229
                                                                                                                                                                                                                                                                                                                                          Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.208.172.229
                                                                                                                                                                                                                                                                                                                                          https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.152.253
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.181.117
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.208.172.229
                                                                                                                                                                                                                                                                                                                                          https://click.email.active.com/f/a/QSi9x4aE2he14davSEuWGA~~/AAOtGhA~/kCsxXIFUFIqn8bLjeBjiWvXzS1oALejcnJaENGD5HzxCxYcQPgOnguf7W7QR0nstNy3af6IEFijde20JNtyjlBNxLI0bX7JKoy33NtFXuonYqm1BW9Wf6skdSQzo3eWILaXt_wuE4A6m9d1Klo8VXs3rqTVh6-1Al9IfjjWdQJOKyrlNb176zlF8FZpTlnqm5WBncvTjE56A2A6kqUXCIJMwI6xmadyYYBsgJGHSm9iQ2lk7sYftRmiO3y-Sbg-zGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.181.117
                                                                                                                                                                                                                                                                                                                                          YWih6T9PUp.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.181.117
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.152.253
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.152.253
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.35.152.253
                                                                                                                                                                                                                                                                                                                                          twitter.comhttps://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 104.244.42.65
                                                                                                                                                                                                                                                                                                                                          Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 104.244.42.129
                                                                                                                                                                                                                                                                                                                                          https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 104.244.42.129
                                                                                                                                                                                                                                                                                                                                          star-mini.c10r.facebook.comhttps://we324msnbi.pages.dev/Xfi_files/prism-ui.esm-53da3fe.jsGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.252.35
                                                                                                                                                                                                                                                                                                                                          https://we324msnbi.pages.dev/assets/favicons/default/site.webmanifestGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.252.35
                                                                                                                                                                                                                                                                                                                                          http://avaliadordemarcas.net.br/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.0.35
                                                                                                                                                                                                                                                                                                                                          https://steamecomrmunity.com/s/10423910953Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.252.35
                                                                                                                                                                                                                                                                                                                                          Notification Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.252.35
                                                                                                                                                                                                                                                                                                                                          https://storage.googleapis.com/yasinsoulaiman00200102055/yasinsoulaiman00200102055.html#4Laxsc88075pMVT611lryovfdyzn369QPMJEJMGSLMNNGI223458FFVC3610M25Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.0.35
                                                                                                                                                                                                                                                                                                                                          https://notifications.google.com/g/p/ANiao5qKfpKGd2jYVQDb7vORoVGY96M_apQZWQcfuLgUh0GZyBJANTtYK9_noZQ1711qN-Nnm0DMf_B0c07RxsIpTsLOXIG6nNUkP7-522wWZZkizIeUQoaYMxfvubAPN7K6vgKfJCjpF3Y3VSFZPtNm5n34HM86QMFnOVYHFycjRojvprEeSViyQqV_RbPVd9Nh3y1jQx8FWiMJd_UXkRWlNs4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.251.35
                                                                                                                                                                                                                                                                                                                                          http://hookersbaits.co.ukGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.253.35
                                                                                                                                                                                                                                                                                                                                          http://hrworld.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.251.35
                                                                                                                                                                                                                                                                                                                                          http://hrworld.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 157.240.0.35

                                                                                                                                                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                          FASTLYUSGasTechnologyPartnership.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.229
                                                                                                                                                                                                                                                                                                                                          SecuriteInfo.com.Win64.DropperX-gen.20149.32584.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 185.199.111.133
                                                                                                                                                                                                                                                                                                                                          SecuriteInfo.com.Win64.DropperX-gen.20149.32584.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 185.199.109.133
                                                                                                                                                                                                                                                                                                                                          pdf946946.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                                                                                                                                                                                                                          • 199.232.210.172
                                                                                                                                                                                                                                                                                                                                          https://cle.soundestlink.com/ce/c/67af4e08a90b85f6c51e3649/67af5eb00c1882c8ec3f69d6/67af5ec97ca8d566b11e2a98?signature=66c3083f785cd7181708c087851b2abb37a20f51ffb2631c7fbdc20d93250623Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.193.229
                                                                                                                                                                                                                                                                                                                                          https://livecoinbasechat.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.65.229
                                                                                                                                                                                                                                                                                                                                          https://allocations-kelp.netGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.229
                                                                                                                                                                                                                                                                                                                                          https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.129.229
                                                                                                                                                                                                                                                                                                                                          http://getverify.github.io/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.2.132
                                                                                                                                                                                                                                                                                                                                          https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 151.101.2.49
                                                                                                                                                                                                                                                                                                                                          AMAZON-02USna.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                          • 54.171.230.55
                                                                                                                                                                                                                                                                                                                                          na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                          • 54.171.230.55
                                                                                                                                                                                                                                                                                                                                          arm6.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 54.171.230.55
                                                                                                                                                                                                                                                                                                                                          pdf946946.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.157.63.229
                                                                                                                                                                                                                                                                                                                                          efjepc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 54.171.230.55
                                                                                                                                                                                                                                                                                                                                          main_ppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                          • 54.171.230.55
                                                                                                                                                                                                                                                                                                                                          CUD--Quotation list.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                                          • 13.248.169.48
                                                                                                                                                                                                                                                                                                                                          telnet.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 44.241.44.184
                                                                                                                                                                                                                                                                                                                                          telnet.sh4.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 52.52.139.161
                                                                                                                                                                                                                                                                                                                                          telnet.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 108.142.47.109
                                                                                                                                                                                                                                                                                                                                          AKAMAI-ASN1EUGasTechnologyPartnership.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 95.101.182.112
                                                                                                                                                                                                                                                                                                                                          arm4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                          • 88.221.149.135
                                                                                                                                                                                                                                                                                                                                          arm5.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                          • 95.100.100.163
                                                                                                                                                                                                                                                                                                                                          x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                          • 88.221.95.65
                                                                                                                                                                                                                                                                                                                                          https://cle.soundestlink.com/ce/c/67af4e08a90b85f6c51e3649/67af4e37c622ca8b13b0643e/67af4e500930257798ab6691?signature=6622e2772a21e189f04bbff6dbd8020cb3c1977d0aa04e3285c329f387017382Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 95.101.182.65
                                                                                                                                                                                                                                                                                                                                          https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 2.22.242.136
                                                                                                                                                                                                                                                                                                                                          https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 2.22.242.130
                                                                                                                                                                                                                                                                                                                                          http://gaer.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 2.21.65.135
                                                                                                                                                                                                                                                                                                                                          http://ctakkponmndiri.siitusressmi.web.id/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 23.213.161.219
                                                                                                                                                                                                                                                                                                                                          http://worker-aged-art.dzvg.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 2.21.65.135
                                                                                                                                                                                                                                                                                                                                          ATGS-MMD-ASUStelnet.x86.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 48.72.1.111
                                                                                                                                                                                                                                                                                                                                          telnet.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.179.18.251
                                                                                                                                                                                                                                                                                                                                          telnet.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 32.168.123.169
                                                                                                                                                                                                                                                                                                                                          res.spc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 33.118.35.157
                                                                                                                                                                                                                                                                                                                                          res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 32.59.106.150
                                                                                                                                                                                                                                                                                                                                          https://blovkdappfixkk.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.149.94.206
                                                                                                                                                                                                                                                                                                                                          https://reprogrammer.livraison.3-75-178-102.cprapid.com/dpd/update.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 57.129.39.243
                                                                                                                                                                                                                                                                                                                                          https://junoupdatesecurity.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                          • 57.129.39.243
                                                                                                                                                                                                                                                                                                                                          res.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 51.35.40.188
                                                                                                                                                                                                                                                                                                                                          http://facebooksupports.tempisite.com/ils972/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          • 34.149.134.77

                                                                                                                                                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                          fb0aa01abe9d8e4037eb3473ca6e2dcarandom.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91
                                                                                                                                                                                                                                                                                                                                          0xqfQZufeQ.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, GCleaner, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                          • 151.101.1.91

                                                                                                                                                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)https://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                    random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                        4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                            random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmphttps://drive.google.com/file/d/1FVDnmU54G6_GaADSmojqRgpCVK0Y1U9s/view?usp=sharingGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                    px4Y74kUj2.exeGet hashmaliciousAmadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                                      random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                        random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                          random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                            4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                                              random.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                                                                                random.exeGet hashmaliciousCredential FlusherBrowse

                                                                                                                                                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                                                  C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_9a251bd0-0dfb-4272-9035-b827bfd7ec40.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):7957
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.1845662297997075
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:hMvMXIKFtbhbVbTbfbRbObtbyEl7n8rJJA6unSrDtTkd/S9P:hFhtNhnzFSJcrk1nSrDhkd/cP
                                                                                                                                                                                                                                                                                                                                                                                  MD5:E7FECEF3886A98AE854BAE26D1B3360A
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:5A89D3B941A5DEEC219FE3296DEF542143149895
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:3A2865E04ED467BAD17354545E0760CC23AF799DBAAF71B4203D3F79577A6177
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:DB6CE52DA459DF018A0F65184AF2BAF7528AB7ABD8B4811FFAF0AA17AC3FD55A92A4756CF8EE2AB739C221CDE7C42237B52A1BF468ACC48D3EB2FCE1DE8D63EC
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"type":"uninstall","id":"9a251bd0-0dfb-4272-9035-b827bfd7ec40","creationDate":"2025-02-15T17:31:44.278Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"a12d1cd1-4ce7-42ab-ae29-5c019c43f6ba","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                                                  C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_9a251bd0-0dfb-4272-9035-b827bfd7ec40.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):7957
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.1845662297997075
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:hMvMXIKFtbhbVbTbfbRbObtbyEl7n8rJJA6unSrDtTkd/S9P:hFhtNhnzFSJcrk1nSrDhkd/cP
                                                                                                                                                                                                                                                                                                                                                                                  MD5:E7FECEF3886A98AE854BAE26D1B3360A
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:5A89D3B941A5DEEC219FE3296DEF542143149895
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:3A2865E04ED467BAD17354545E0760CC23AF799DBAAF71B4203D3F79577A6177
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:DB6CE52DA459DF018A0F65184AF2BAF7528AB7ABD8B4811FFAF0AA17AC3FD55A92A4756CF8EE2AB739C221CDE7C42237B52A1BF468ACC48D3EB2FCE1DE8D63EC
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"type":"uninstall","id":"9a251bd0-0dfb-4272-9035-b827bfd7ec40","creationDate":"2025-02-15T17:31:44.278Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"a12d1cd1-4ce7-42ab-ae29-5c019c43f6ba","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":2,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                                                                  MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                                                                  MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):4514
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.943139029351388
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:8S+OcaPUFqOdwNIOdvtkeQjvYZUBLa/8P:8S+Oc+UAOdwiOdKeQjDLa/8P
                                                                                                                                                                                                                                                                                                                                                                                  MD5:608C03AC441B2E70DD879AFF8CA22324
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F6C86F2895F078FE4EB8E2ED385040511089D2D4
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:5797CC3F60EDA8AD5350D19E42A610112803E5D47C78C16FC08AA2EABB799173
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:BBA7BEBB7885FCFC1D9A46203E2BDFCEF8D28A0E03327822FD9E3BE3349CF4783BB0A9D3B03BA380D873666EEBA30610463E46A7B9A6163DF11F4AD09E23C5F2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"d14ccc2f-033b-49c7-a2e0-d7a247e302f1","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-05T07:41:33.819Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"mixed-content-level-2-roll-out-release-113":{"slug":"mixed-content-level-2-roll-out-release-113","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):4514
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.943139029351388
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:8S+OcaPUFqOdwNIOdvtkeQjvYZUBLa/8P:8S+Oc+UAOdwiOdKeQjDLa/8P
                                                                                                                                                                                                                                                                                                                                                                                  MD5:608C03AC441B2E70DD879AFF8CA22324
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F6C86F2895F078FE4EB8E2ED385040511089D2D4
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:5797CC3F60EDA8AD5350D19E42A610112803E5D47C78C16FC08AA2EABB799173
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:BBA7BEBB7885FCFC1D9A46203E2BDFCEF8D28A0E03327822FD9E3BE3349CF4783BB0A9D3B03BA380D873666EEBA30610463E46A7B9A6163DF11F4AD09E23C5F2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"d14ccc2f-033b-49c7-a2e0-d7a247e302f1","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-05T07:41:33.819Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"mixed-content-level-2-roll-out-release-113":{"slug":"mixed-content-level-2-roll-out-release-113","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):5318
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.62067557672702
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrwLUe:VTx2x2t0FDJ4NpwZMd0EJwLv
                                                                                                                                                                                                                                                                                                                                                                                  MD5:A0DD0256A122A64D1C1A98C36F89F368
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:B82AF63B4A4261477DA4CD2AC34B4DD7BB5EBEA0
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:EE9278644D02739D27E4FD9D8006AD49D9A0D80AD251BA2C3F144A408F65A9F3
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:ED3AE377C1AD9E6694307CC60554665058541DD2BB80FEB1832616ACE39623E842DB3CD9153771ABD1874703DCBF4B81CABE050E2F2553D723A96A163AA41911
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):5318
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.62067557672702
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrwLUe:VTx2x2t0FDJ4NpwZMd0EJwLv
                                                                                                                                                                                                                                                                                                                                                                                  MD5:A0DD0256A122A64D1C1A98C36F89F368
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:B82AF63B4A4261477DA4CD2AC34B4DD7BB5EBEA0
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:EE9278644D02739D27E4FD9D8006AD49D9A0D80AD251BA2C3F144A408F65A9F3
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:ED3AE377C1AD9E6694307CC60554665058541DD2BB80FEB1832616ACE39623E842DB3CD9153771ABD1874703DCBF4B81CABE050E2F2553D723A96A163AA41911
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                                                  MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                                                                  MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                                                                  MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                                                  MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):66
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                                                                  MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.186376962556299
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:NI40vfXXQ4z6X4n44a4T4h4b4rhEhvj4Lw4m4x44g:NJhWvx
                                                                                                                                                                                                                                                                                                                                                                                  MD5:C2A8F76D683C9F86054CA7775732A180
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:FB1F8B84825D53E58290E53D65F8A73C5794E281
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:4744AACB03666A594CF1BB6E6491105F0AB600259D8E0BA483164F2AE9C90221
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:F804B8CF7277D2F6E8AA8BDFFF099ECCEC00CE59FEB3F3EB47D5E4B36FBB2C23466233C966F53483F0DF365E13AB9BB9256B685645FC366A5A24C72907E54025
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{9f54712e-79e2-445b-974a-266a0185f206}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.186376962556299
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:768:NI40vfXXQ4z6X4n44a4T4h4b4rhEhvj4Lw4m4x44g:NJhWvx
                                                                                                                                                                                                                                                                                                                                                                                  MD5:C2A8F76D683C9F86054CA7775732A180
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:FB1F8B84825D53E58290E53D65F8A73C5794E281
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:4744AACB03666A594CF1BB6E6491105F0AB600259D8E0BA483164F2AE9C90221
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:F804B8CF7277D2F6E8AA8BDFFF099ECCEC00CE59FEB3F3EB47D5E4B36FBB2C23466233C966F53483F0DF365E13AB9BB9256B685645FC366A5A24C72907E54025
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{9f54712e-79e2-445b-974a-266a0185f206}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                                                  MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                                                  MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                  • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                                                                  MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                  • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: px4Y74kUj2.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: 4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB.zip, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  • Filename: random.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                                                  MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):116
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                                                                  MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\permissions.sqlite

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.07326074268793238
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:12:DBl/A0OWla0mwPxRymgObsCVR45wcYR4fmnsCVR4zki32:DLhesh7Owd4+jim
                                                                                                                                                                                                                                                                                                                                                                                  MD5:258F42C21DA16972705DA5E4B6685CF0
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F61D573D541F2875BA96064303B8A8D6D4097929
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:DA249EFACE19F31F8D0A40F84295922DD7F855E74AAD6A49D3C820FF8EE1B29E
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:576AD913D82CB35BF16BC70EF97F337E5828304A2A34FE3DB2420ED2A4E7D682F982CA861A3E4AF9C9D9D9527539581292B59F4D6CD925B7381B6EE45079EB43
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j......~s..F~s........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.03547963191936293
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:GtlstF0f+zgZGsAN/9HYl3lstF0f+zgZGsAN/llXT89//alEl:GtWt2WztsAnY1Wt2WztsAND89XuM
                                                                                                                                                                                                                                                                                                                                                                                  MD5:99589746C0B5B658FA120BC70882A13E
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:6B50A0BD1F56FAAC2CD79F8510514D5427D226C6
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1C13B1171EBBFEA3B1166984E6D2DD64C1CB982CA6AAB5FF5B60904B8B3B30F2
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:D9AE2B30DD790A05E6D5B63534445FD83619FF80736C59C2ECEEFBCFAAA399C13CC2EF7CF0022B987DD814A304BACBFB22868B41B05C591D2ED9C87F09CD478B
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:..-.......................-~.!...J*..f.Y...{.X..-.......................-~.!...J*..f.Y...{.X........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):32824
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.03915008228609746
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:Ol1Tw3dto3OmpoILDl8rEXsxdwhml8XW3R2:KlstoLNl8dMhm93w
                                                                                                                                                                                                                                                                                                                                                                                  MD5:72AD73411AC76B8D11B81E009336997D
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:F810DFE0845814B5A28A2D40691FBA624ECD2664
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:32D6BE5037FDA0273D79E5B5DD53F3439DCA99F5FBC962093304D21A26DA98FA
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:422D8AB9EFECCD21A993D54A04782236A0FAD92F4D5FD66EB8440BE7AB4FF87F911A8BC96D27E9DCFF045128A6D2BA40651663F8093AEA9CBF44685812AE22F7
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:7....-............J*..f.......x...........J*..f.-....!.~................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1769), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):13214
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.479252491382582
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:lgnSRkyYbBp67qUCaXE6V/aNyS5RHNBw8ssnSl:LekqUvpWxPw00
                                                                                                                                                                                                                                                                                                                                                                                  MD5:34E1D7A48CAEA5BC68072D04C19D7C7D
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:4ECD07B991035FA97F78B28DC537C7EB4BD29726
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:E310B7BA6FDD1F9B153B531F828F61D270CC05BF7A7E44469380297BDD547EC2
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:386885490EC084EC9F1C5AD309B2334C9D380455229A87B3058A22EB63E5D4EFFB2F9C506D8427F10405D30B180ACA7A4F3E10464224378A6469A76A0F1D72C2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "27fb6245-bd08-4de6-8f4d-2ece3f597752");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739640675);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739640675);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739640675);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173964

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1769), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):13214
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.479252491382582
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:192:lgnSRkyYbBp67qUCaXE6V/aNyS5RHNBw8ssnSl:LekqUvpWxPw00
                                                                                                                                                                                                                                                                                                                                                                                  MD5:34E1D7A48CAEA5BC68072D04C19D7C7D
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:4ECD07B991035FA97F78B28DC537C7EB4BD29726
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:E310B7BA6FDD1F9B153B531F828F61D270CC05BF7A7E44469380297BDD547EC2
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:386885490EC084EC9F1C5AD309B2334C9D380455229A87B3058A22EB63E5D4EFFB2F9C506D8427F10405D30B180ACA7A4F3E10464224378A6469A76A0F1D72C2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "27fb6245-bd08-4de6-8f4d-2ece3f597752");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1739640675);..user_pref("app.update.lastUpdateTime.background-update-timer", 1739640675);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1739640675);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 173964

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                                                                  MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                                                  MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                                                  MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):1576
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.352297022454262
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:v+USUGlcAxS+LXnIgBf/pnxQwRlszT5sKhi0asHVVPNZTwamhumJ3YOOcUb2mifn:GUpOxjvnR6YstZTwJIedCEd
                                                                                                                                                                                                                                                                                                                                                                                  MD5:5B0D6B7F01DA9340D9E726924BB00E40
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:B27BA9B5A8048201DC20F91BEF02AC97010C52C9
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1C33A216B2218046C6003746AB340B01B291111B7E665066A7C5D92F324D4BA5
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:928CF9C256CB117C96C15776480E13848474298EC3D787C82B947557ED906B09021A890073AF68A0624FECB94C616A32E5336E5A8B19B8C93521A4ED058F9DE0
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{03db465a-e741-471e-844b-3b84ce9ac7ca}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739640681520,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...4b3ac14b-43e5-4896-86e8-9e7d502ce1b5","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P43829...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abbc25ad08ccc1b2d785bc1812d8faa4d50f401055c8d3ce6d11bb3b0958223be","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...49874,"originA...

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):1576
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.352297022454262
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:v+USUGlcAxS+LXnIgBf/pnxQwRlszT5sKhi0asHVVPNZTwamhumJ3YOOcUb2mifn:GUpOxjvnR6YstZTwJIedCEd
                                                                                                                                                                                                                                                                                                                                                                                  MD5:5B0D6B7F01DA9340D9E726924BB00E40
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:B27BA9B5A8048201DC20F91BEF02AC97010C52C9
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1C33A216B2218046C6003746AB340B01B291111B7E665066A7C5D92F324D4BA5
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:928CF9C256CB117C96C15776480E13848474298EC3D787C82B947557ED906B09021A890073AF68A0624FECB94C616A32E5336E5A8B19B8C93521A4ED058F9DE0
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{03db465a-e741-471e-844b-3b84ce9ac7ca}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739640681520,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...4b3ac14b-43e5-4896-86e8-9e7d502ce1b5","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P43829...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abbc25ad08ccc1b2d785bc1812d8faa4d50f401055c8d3ce6d11bb3b0958223be","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...49874,"originA...

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:Mozilla lz4 compressed data, originally 5861 bytes
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):1576
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.352297022454262
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:v+USUGlcAxS+LXnIgBf/pnxQwRlszT5sKhi0asHVVPNZTwamhumJ3YOOcUb2mifn:GUpOxjvnR6YstZTwJIedCEd
                                                                                                                                                                                                                                                                                                                                                                                  MD5:5B0D6B7F01DA9340D9E726924BB00E40
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:B27BA9B5A8048201DC20F91BEF02AC97010C52C9
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:1C33A216B2218046C6003746AB340B01B291111B7E665066A7C5D92F324D4BA5
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:928CF9C256CB117C96C15776480E13848474298EC3D787C82B947557ED906B09021A890073AF68A0624FECB94C616A32E5336E5A8B19B8C93521A4ED058F9DE0
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"https://youtube.com/account?=.....rs.googl%...v3/signin/challenge/pwd","title[.C..cacheKey":0,"ID":6,"docshellUU...D"{03db465a-e741-471e-844b-3b84ce9ac7ca}","resultPrincipalURI":null,"hasUserInteracte...true,"triggering8.p_base64z..\"3\":{}^...docIdentifier":7,"persistK..+}],"lastAccessed":1739640681520,"hidden":false,"searchMode...userContextId...attribut...{},"index":1...questedI..p0,"imag....chrome://global/skin/icons/warning.svg"..aselect...,"_closedTZ.@],"_...C..`GroupCF..":-1,"busy...t...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximize......BeforeMin...&..workspace9...4b3ac14b-43e5-4896-86e8-9e7d502ce1b5","zD..1...Wm..l........j..:....1":{..jUpdate.....wtartTim..P43829...centCrash..B0},".....Dcook....host":"addons.mozilla.org","valu...Abbc25ad08ccc1b2d785bc1812d8faa4d50f401055c8d3ce6d11bb3b0958223be","path":"/","na..a"taarI|.Recure...,`.Donly..fexpiry...49874,"originA...

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\storage.sqlite

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, user version 131075, last written using SQLite version 3042000, page size 512, file counter 6, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.0836444556178684
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24:JBwdh/cEUcR9PzNFPFHx/GJRBdkOrDcRB1trwDeAq2gRMyxr3:jnEUo9LXtR+JdkOnohYsl
                                                                                                                                                                                                                                                                                                                                                                                  MD5:8B40B1534FF0F4B533AF767EB5639A05
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:63EDB539EA39AD09D701A36B535C4C087AE08CC9
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:AF275A19A5C2C682139266065D90C237282274D11C5619A121B7BDBDB252861B
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:54AF707698CED33C206B1B193DA414D630901762E88E37E99885A50D4D5F8DDC28367C9B401DFE251CF0552B4FA446EE28F78A97C9096AFB0F2898BFBB673B53
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.036715593964879
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YrSAYbeUQZpExB1+anO8e6WCVhhOjVkWAYzzc8rYMsku7f86SLAVL7J5FtsfAcb5:ycb+TEr5ZwoIhzzcHvbw6Kkdrc2Rn27
                                                                                                                                                                                                                                                                                                                                                                                  MD5:636D4EB537AA0064A36A2E436835D610
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:AF3F5167653B87E7878E0136D54FA18ED31009E6
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:AB57E2D2DA4EA2F0560B982F7E2C6BEEE4A983CD1D73BF0F6EEE0045D905C339
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:3BC62BC54270C09DD6BBC25F203071B465E0A126BCFCB59AAD1562D74779BFEDA9DBBB58D55215F0DFFD5DC7F6AAB0F57F901A829F253B25405915BA51DCB80F
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-15T17:31:06.304Z","profileAgeCreated":1696491685971,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                  Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.036715593964879
                                                                                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YrSAYbeUQZpExB1+anO8e6WCVhhOjVkWAYzzc8rYMsku7f86SLAVL7J5FtsfAcb5:ycb+TEr5ZwoIhzzcHvbw6Kkdrc2Rn27
                                                                                                                                                                                                                                                                                                                                                                                  MD5:636D4EB537AA0064A36A2E436835D610
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:AF3F5167653B87E7878E0136D54FA18ED31009E6
                                                                                                                                                                                                                                                                                                                                                                                  SHA-256:AB57E2D2DA4EA2F0560B982F7E2C6BEEE4A983CD1D73BF0F6EEE0045D905C339
                                                                                                                                                                                                                                                                                                                                                                                  SHA-512:3BC62BC54270C09DD6BBC25F203071B465E0A126BCFCB59AAD1562D74779BFEDA9DBBB58D55215F0DFFD5DC7F6AAB0F57F901A829F253B25405915BA51DCB80F
                                                                                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                  Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2025-02-15T17:31:06.304Z","profileAgeCreated":1696491685971,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.703402848309974
                                                                                                                                                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                                                  File name:random.exe
                                                                                                                                                                                                                                                                                                                                                                                  File size:970'752 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5:bca58035430238fde9990df16040d699
                                                                                                                                                                                                                                                                                                                                                                                  SHA1:12e1f30c10f8d228e70d28bd6e315679d91aa46e
                                                                                                                                                                                                                                                                                                                                                                                  SHA256:6c64e6e99e9173fd2233d7f6afe27d80d47a377eaa624ee1ca7cc0df803c5cbb
                                                                                                                                                                                                                                                                                                                                                                                  SHA512:9c406772c7cd60374ba75e7a578c1bcb9319c6067bec6bb55c8f8a0176c5f0d4a71e8bc013bf51fba1d3fae5d9d7b1f97703029128602b77dcc0136fc6dd8d12
                                                                                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:LqDEvCTbMWu7rQYlBQcBiT6rprG8a9xSma:LTvC/MTQYxsWR7a9x
                                                                                                                                                                                                                                                                                                                                                                                  TLSH:3A259E0273D1C062FF9B92334B5AF6515BBC69260123E61F13A81DB9BE701B1563E7A3
                                                                                                                                                                                                                                                                                                                                                                                  File Content Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z....

                                                                                                                                                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                                                                                                                                                  Icon Hash:aaf3e3e3938382a0

                                                                                                                                                                                                                                                                                                                                                                                  Static PE Info

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Entrypoint:0x420577
                                                                                                                                                                                                                                                                                                                                                                                  Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                                                  Digitally signed:false
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                                                  DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                                                  Time Stamp:0x67B0B253 [Sat Feb 15 15:27:15 2025 UTC]
                                                                                                                                                                                                                                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                                                  OS Version Major:5
                                                                                                                                                                                                                                                                                                                                                                                  OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                                  File Version Major:5
                                                                                                                                                                                                                                                                                                                                                                                  File Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                                  Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                                                                  Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                                                                  Import Hash:948cc502fe9226992dce9417f952fce3

                                                                                                                                                                                                                                                                                                                                                                                  Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                                                  Instruction
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA44C83h
                                                                                                                                                                                                                                                                                                                                                                                  jmp 00007FDF8CA4458Fh
                                                                                                                                                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                                  push esi
                                                                                                                                                                                                                                                                                                                                                                                  push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                                  mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA4476Dh
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esi], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                                  pop esi
                                                                                                                                                                                                                                                                                                                                                                                  pop ebp
                                                                                                                                                                                                                                                                                                                                                                                  retn 0004h
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [ecx+04h], 0049FDF8h
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [ecx], 0049FDF0h
                                                                                                                                                                                                                                                                                                                                                                                  ret
                                                                                                                                                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                                  push esi
                                                                                                                                                                                                                                                                                                                                                                                  push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                                  mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA4473Ah
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esi], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                                  pop esi
                                                                                                                                                                                                                                                                                                                                                                                  pop ebp
                                                                                                                                                                                                                                                                                                                                                                                  retn 0004h
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [ecx+04h], 0049FE14h
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [ecx], 0049FE0Ch
                                                                                                                                                                                                                                                                                                                                                                                  ret
                                                                                                                                                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                                  push esi
                                                                                                                                                                                                                                                                                                                                                                                  mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                                  lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  and dword ptr [eax+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                                                  add eax, 04h
                                                                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA4732Dh
                                                                                                                                                                                                                                                                                                                                                                                  pop ecx
                                                                                                                                                                                                                                                                                                                                                                                  pop ecx
                                                                                                                                                                                                                                                                                                                                                                                  mov eax, esi
                                                                                                                                                                                                                                                                                                                                                                                  pop esi
                                                                                                                                                                                                                                                                                                                                                                                  pop ebp
                                                                                                                                                                                                                                                                                                                                                                                  retn 0004h
                                                                                                                                                                                                                                                                                                                                                                                  lea eax, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [ecx], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA47378h
                                                                                                                                                                                                                                                                                                                                                                                  pop ecx
                                                                                                                                                                                                                                                                                                                                                                                  ret
                                                                                                                                                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                                  push esi
                                                                                                                                                                                                                                                                                                                                                                                  mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                                                  lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                                                  mov dword ptr [esi], 0049FDD0h
                                                                                                                                                                                                                                                                                                                                                                                  push eax
                                                                                                                                                                                                                                                                                                                                                                                  call 00007FDF8CA47361h
                                                                                                                                                                                                                                                                                                                                                                                  test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                                                                  pop ecx

                                                                                                                                                                                                                                                                                                                                                                                  Rich Headers

                                                                                                                                                                                                                                                                                                                                                                                  Programming Language:
                                                                                                                                                                                                                                                                                                                                                                                  • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                                                                  • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                                                                  Data Directories

                                                                                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0xc8e640x17c.rdata
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0xd40000x16478.rsrc
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0xeb0000x7594.reloc
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0xb0ff00x1c.rdata
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0xc34000x18.rdata
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xb10100x40.rdata
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x9c0000x894.rdata
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                                                  Sections

                                                                                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                                                  .text0x10000x9ab1d0x9ac000a1473f3064dcbc32ef93c5c8a90f3a6False0.565500681542811data6.668273581389308IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                                  .rdata0x9c0000x2fb820x2fc00c9cf2468b60bf4f80f136ed54b3989fbFalse0.35289185209424084data5.691811547483722IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                                  .data0xcc0000x706c0x480053b9025d545d65e23295e30afdbd16d9False0.04356553819444445DOS executable (block device driver @\273\)0.5846666986982398IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                                                  .rsrc0xd40000x164780x166004d0be74dd98be48d52e9475d3bd7a54cFalse0.7017610858938548data7.175656214223087IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                                  .reloc0xeb0000x75940x7600c68ee8931a32d45eb82dc450ee40efc3False0.7628111758474576data6.7972128181359786IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                                                  Resources

                                                                                                                                                                                                                                                                                                                                                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd45f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd47180x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd48400x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd49680x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd4c500x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishGreat Britain0.5
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd4d780xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishGreat Britain0.2835820895522388
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd5c200x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishGreat Britain0.37906137184115524
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd64c80x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishGreat Britain0.23699421965317918
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd6a300x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishGreat Britain0.13858921161825727
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xd8fd80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishGreat Britain0.25070356472795496
                                                                                                                                                                                                                                                                                                                                                                                  RT_ICON0xda0800x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishGreat Britain0.3173758865248227
                                                                                                                                                                                                                                                                                                                                                                                  RT_MENU0xda4e80x50dataEnglishGreat Britain0.9
                                                                                                                                                                                                                                                                                                                                                                                  RT_DIALOG0xda5380xfcdataEnglishGreat Britain0.6507936507936508
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xda6340x594dataEnglishGreat Britain0.3333333333333333
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdabc80x68adataEnglishGreat Britain0.2735961768219833
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdb2540x490dataEnglishGreat Britain0.3715753424657534
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdb6e40x5fcdataEnglishGreat Britain0.3087467362924282
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdbce00x65cdataEnglishGreat Britain0.34336609336609336
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdc33c0x466dataEnglishGreat Britain0.3605683836589698
                                                                                                                                                                                                                                                                                                                                                                                  RT_STRING0xdc7a40x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishGreat Britain0.502906976744186
                                                                                                                                                                                                                                                                                                                                                                                  RT_RCDATA0xdc8fc0xd5fadata1.000474643104896
                                                                                                                                                                                                                                                                                                                                                                                  RT_GROUP_ICON0xe9ef80x76dataEnglishGreat Britain0.6610169491525424
                                                                                                                                                                                                                                                                                                                                                                                  RT_GROUP_ICON0xe9f700x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                                                  RT_GROUP_ICON0xe9f840x14dataEnglishGreat Britain1.15
                                                                                                                                                                                                                                                                                                                                                                                  RT_GROUP_ICON0xe9f980x14dataEnglishGreat Britain1.25
                                                                                                                                                                                                                                                                                                                                                                                  RT_VERSION0xe9fac0xdcdataEnglishGreat Britain0.6181818181818182
                                                                                                                                                                                                                                                                                                                                                                                  RT_MANIFEST0xea0880x3efASCII text, with CRLF line terminatorsEnglishGreat Britain0.5074478649453823

                                                                                                                                                                                                                                                                                                                                                                                  Imports

                                                                                                                                                                                                                                                                                                                                                                                  DLLImport
                                                                                                                                                                                                                                                                                                                                                                                  WSOCK32.dllgethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect
                                                                                                                                                                                                                                                                                                                                                                                  VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
                                                                                                                                                                                                                                                                                                                                                                                  WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                                                                                                                                                                                                                                                                                                                                                  COMCTL32.dllImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create
                                                                                                                                                                                                                                                                                                                                                                                  MPR.dllWNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W
                                                                                                                                                                                                                                                                                                                                                                                  WININET.dllHttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable
                                                                                                                                                                                                                                                                                                                                                                                  PSAPI.DLLGetProcessMemoryInfo
                                                                                                                                                                                                                                                                                                                                                                                  IPHLPAPI.DLLIcmpSendEcho, IcmpCloseHandle, IcmpCreateFile
                                                                                                                                                                                                                                                                                                                                                                                  USERENV.dllDestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile
                                                                                                                                                                                                                                                                                                                                                                                  UxTheme.dllIsThemeActive
                                                                                                                                                                                                                                                                                                                                                                                  KERNEL32.dllDuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW
                                                                                                                                                                                                                                                                                                                                                                                  USER32.dllGetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient
                                                                                                                                                                                                                                                                                                                                                                                  GDI32.dllEndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath
                                                                                                                                                                                                                                                                                                                                                                                  COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                                                                                                                                                                                                                                                                                                                                                  ADVAPI32.dllGetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW
                                                                                                                                                                                                                                                                                                                                                                                  SHELL32.dllDragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW
                                                                                                                                                                                                                                                                                                                                                                                  ole32.dllCoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket
                                                                                                                                                                                                                                                                                                                                                                                  OLEAUT32.dllCreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture

                                                                                                                                                                                                                                                                                                                                                                                  Version Infos

                                                                                                                                                                                                                                                                                                                                                                                  DescriptionData
                                                                                                                                                                                                                                                                                                                                                                                  Translation0x0809 0x04b0

                                                                                                                                                                                                                                                                                                                                                                                  Possible Origin

                                                                                                                                                                                                                                                                                                                                                                                  Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                                                                  EnglishGreat Britain

                                                                                                                                                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.030601978 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.030706882 CET4434973535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.032305956 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.037431002 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.037471056 CET4434973535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.529015064 CET4434973535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.529117107 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.538908958 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.538949013 CET4434973535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.539069891 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.539227009 CET4434973535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.539519072 CET49735443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.667892933 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.667946100 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.669061899 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.670869112 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.670891047 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.971221924 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.971281052 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.972187042 CET4974480192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.978198051 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.979389906 CET804974434.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.982881069 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.982906103 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.988914967 CET4974480192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.989343882 CET4974480192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.994194984 CET804974434.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.295464993 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.295520067 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.296598911 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.298129082 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.298149109 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.308202982 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.308991909 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.309217930 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.310076952 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.314616919 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.314629078 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.314704895 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.314838886 CET44349738172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.315157890 CET49738443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.316560984 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.316586018 CET4434974634.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.317145109 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.318566084 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.318583012 CET4434974634.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.332088947 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.332118034 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.341398954 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.359025955 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.359046936 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.434055090 CET804974434.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.441536903 CET4974480192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.446571112 CET804974434.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.452667952 CET4974480192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.640611887 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.640628099 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.641343117 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.642313957 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.642338037 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.695673943 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.765414000 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.775163889 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.786904097 CET4434974634.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.787091970 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.822027922 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.822050095 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.827411890 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.331688881 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.331785917 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.332722902 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.336252928 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.336281061 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.336498022 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.338812113 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.338985920 CET49743443192.168.2.7172.217.16.206
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339008093 CET44349743172.217.16.206192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339468002 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339490891 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339766026 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339837074 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.339844942 CET4434974534.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.340106010 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.340186119 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.340517044 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.340554953 CET4434974735.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.340596914 CET4434975334.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.341819048 CET49747443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.341862917 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.341864109 CET49745443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.343857050 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.343887091 CET4434975334.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785264969 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785305977 CET4434974634.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785402060 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785640001 CET4434974634.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785815954 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.785850048 CET4434976034.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.787502050 CET49746443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.787537098 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.789091110 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.789113998 CET4434976034.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.806586981 CET4434975334.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.807948112 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.808001041 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.808038950 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.808290958 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.811121941 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.811151028 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.811289072 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.813504934 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.813528061 CET4434975334.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.813558102 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.813719988 CET4434975334.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.815320969 CET49753443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.816149950 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.823926926 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.824291945 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.829147100 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.865758896 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.870676041 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.872154951 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.872281075 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.877052069 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.913139105 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.913183928 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.925617933 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.927148104 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.927167892 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.253587008 CET4434976034.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.253673077 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.258481026 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.258500099 CET4434976034.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.258580923 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.258678913 CET4434976034.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.259645939 CET49760443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.294361115 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.310417891 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.310508966 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.313910007 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.313915968 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.314264059 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.316852093 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317073107 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317137003 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317145109 CET4434976134.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317406893 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317459106 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317468882 CET49761443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317615032 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317749023 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.317759037 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.328309059 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.383663893 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.383671999 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.719074011 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.719090939 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.719356060 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.725034952 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.725047112 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.725205898 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.725301981 CET4434976452.24.11.115192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.725528002 CET49764443192.168.2.752.24.11.115
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.787245035 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.787642002 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.836863995 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.836889982 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.837822914 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.840081930 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.840164900 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.840338945 CET4434977034.160.144.191192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.840425014 CET49770443192.168.2.734.160.144.191
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.017077923 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.017122984 CET4434977734.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.017277002 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.019273043 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.020757914 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.020776987 CET4434977734.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.022135019 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.037837982 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.042785883 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.114121914 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.135735035 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.186197996 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.186444998 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.486983061 CET4434977734.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.492134094 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.497939110 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.497965097 CET4434977734.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.498095036 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.498205900 CET4434977734.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.499764919 CET49777443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.657548904 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.657591105 CET4434977934.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.657836914 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.659404039 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.659420013 CET4434977934.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.124533892 CET4434977934.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.127124071 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.131572962 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.131601095 CET4434977934.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.131685019 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.131866932 CET4434977934.117.188.166192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:39.132467985 CET49779443192.168.2.734.117.188.166
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.020637035 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.027751923 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.054629087 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.054677963 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.063837051 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.066849947 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.066871881 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.119256973 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.164138079 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.354355097 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.365034103 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.451189995 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.496160030 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.529864073 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.529881001 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.530415058 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.538580894 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.538603067 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.538710117 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.538865089 CET4434979834.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.540184975 CET49798443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.769840956 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.774904966 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.867979050 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.913364887 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.482515097 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.487426043 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.580909014 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.623915911 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.039206028 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.044106960 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.135288000 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.178869009 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.183332920 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.183368921 CET4434984134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.187342882 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.187342882 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.187400103 CET4434984134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.671216011 CET4434984134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.671308041 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.677480936 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.677488089 CET4434984134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.677556038 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.677781105 CET4434984134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.677895069 CET49841443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.853065014 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.169250965 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740083933 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740093946 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.760798931 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.760854959 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.761231899 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.761377096 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.761385918 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762293100 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762329102 CET4434984734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762765884 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762797117 CET4434984834.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.766316891 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.766376972 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.767822981 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.767838955 CET4434984734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.769232988 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.769248962 CET4434984834.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.827354908 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.871365070 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.906286001 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.911077023 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.002512932 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.049819946 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.220041037 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.220153093 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.224520922 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.224534988 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.224978924 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.228199005 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.228310108 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.228465080 CET4434984635.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.228534937 CET49846443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.230626106 CET4434984734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.230756998 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.235872030 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.235886097 CET4434984734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.235996962 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.236063957 CET4434984734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.236159086 CET49847443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.247901917 CET4434984834.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.248016119 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.253253937 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.253266096 CET4434984834.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.253355026 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.253428936 CET4434984834.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.253546953 CET49848443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.435645103 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.440783024 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.449208021 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.449265957 CET4434985334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.451112032 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.452867031 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.452898979 CET4434985334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.535172939 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.589198112 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.731328011 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.736203909 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.827532053 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.874650955 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.915487051 CET4434985334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.921602011 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.175698042 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.175735950 CET4434985334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.175806999 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.176131010 CET4434985334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.176188946 CET49853443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.192009926 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.198143959 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.205722094 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.205820084 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.205931902 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.206190109 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.206226110 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.289962053 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.338222980 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.668401003 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.668509007 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.008629084 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.008711100 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.009108067 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.009140968 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.011471033 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.011540890 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.011706114 CET4434985934.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.012207031 CET49859443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.013886929 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.111499071 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.159410954 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.306617022 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.308624983 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.308679104 CET4434987534.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.310184956 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.311675072 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.403625011 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.460298061 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.338968039 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.339015961 CET4434987534.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.339524031 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.339587927 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.339664936 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.339770079 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.347639084 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.347770929 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.347896099 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.347913027 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.348016024 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.348046064 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.355437994 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.355464935 CET4434988334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.355664015 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.357187033 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.357197046 CET4434988334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.398999929 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.403846979 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.496128082 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.548122883 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.811151028 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.811167955 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.816025972 CET4434987534.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.818036079 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.818048954 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.836313009 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.836338043 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.836411953 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.840243101 CET4434988334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.840352058 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.986577988 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.986612082 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.986964941 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.990940094 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.990973949 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.991336107 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.997287989 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.997545004 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.997607946 CET4434988134.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998039007 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998054028 CET4434987534.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998131037 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998256922 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998275042 CET4434988334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998302937 CET4434987534.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998354912 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998465061 CET4434988334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998800039 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.998862982 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.999088049 CET4434988234.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.999818087 CET49881443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.999840975 CET49875443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.999859095 CET49883443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.999886036 CET49882443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.001811028 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.004904985 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.004951954 CET4434988934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.006863117 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.010052919 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.011492014 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.011513948 CET4434988934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.113054037 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.165695906 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.487725019 CET4434988934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.487821102 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.505975962 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.505994081 CET4434988934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.506094933 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.506191015 CET4434988934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.509800911 CET49889443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.796430111 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.801311970 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.804220915 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.807677984 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.807703018 CET4434989534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.807946920 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.809254885 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.809413910 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.809425116 CET4434989534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.893378019 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.904990911 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.912549019 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.917393923 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.952474117 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.012738943 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.052892923 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.263854980 CET4434989534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.269254923 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.275343895 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.275343895 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.275365114 CET4434989534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.275566101 CET4434989534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.275721073 CET49895443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.277354002 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.282207012 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.373888969 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.377388000 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.382456064 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.422743082 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.475586891 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.523055077 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.946865082 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.952075958 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.044735909 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.048409939 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.053361893 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.093651056 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.150024891 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.194283962 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.071225882 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.071265936 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.074050903 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.074230909 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.074240923 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.097884893 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.097996950 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.098186016 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.098210096 CET4434994535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100198030 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100260973 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100384951 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100415945 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.101922035 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.101953983 CET4434994535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.103425026 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.103467941 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.104134083 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.104262114 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.104278088 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.117280006 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.117312908 CET4434994834.49.51.44192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.117878914 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.119395018 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.119415998 CET4434994834.49.51.44192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.539587021 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.539778948 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.543426037 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.543441057 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.543673992 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.546375990 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.546504974 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.546554089 CET4434994335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.546674013 CET49943443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.551495075 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.556369066 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558445930 CET4434994535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558646917 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.561788082 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.562833071 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.562849045 CET4434994535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.562920094 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.563028097 CET4434994535.190.72.216192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.563863993 CET49945443192.168.2.735.190.72.216
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.563905001 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.566625118 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.566631079 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.567214966 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.570940971 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.570993900 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.570993900 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.571038961 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.571362972 CET4434994434.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.571448088 CET49944443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.574106932 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.574121952 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.574430943 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.577219009 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.577299118 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.577410936 CET44349946151.101.1.91192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.577581882 CET49946443192.168.2.7151.101.1.91
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.586466074 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.586514950 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.586926937 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.587029934 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.587038040 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.588466883 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.588536978 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.588874102 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.588978052 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.588995934 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.591393948 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.591418982 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.594614983 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.594819069 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.594830990 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.600554943 CET4434994834.49.51.44192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.607300043 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.611946106 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.611974001 CET4434994834.49.51.44192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.612067938 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.612262964 CET4434994834.49.51.44192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.613400936 CET49948443192.168.2.734.49.51.44
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.623620987 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.623663902 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.623764038 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.623892069 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.623902082 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.649167061 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.653388023 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.658202887 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.691483021 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.750340939 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.791800022 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.048453093 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.048543930 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.050815105 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.051523924 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.051539898 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.051712036 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.051800966 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.054034948 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.054061890 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.054851055 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057208061 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057324886 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057459116 CET4434995335.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057571888 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057610989 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057790041 CET49953443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.057951927 CET4434995235.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.058171034 CET49952443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.058224916 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.058286905 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.061052084 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.061064959 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.061312914 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.064477921 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.064563990 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.064656019 CET4434995435.244.181.201192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.067040920 CET49954443192.168.2.735.244.181.201
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.068757057 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.073610067 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.082622051 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.087428093 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.087582111 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.087754965 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.092510939 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.123898029 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.123991966 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.127170086 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.127178907 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.127785921 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.129674911 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.129765987 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.129878044 CET4434995534.149.100.209192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.129988909 CET49955443192.168.2.734.149.100.209
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.166100979 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.169425964 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.174391985 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.215121984 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.265480042 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.315542936 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686630011 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686692953 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686722994 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686821938 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686944008 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.687588930 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688453913 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688488960 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688523054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688616037 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690769911 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690839052 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690881014 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690915108 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.691118002 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693303108 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693355083 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693383932 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693481922 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693514109 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693598032 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.695846081 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.695939064 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.695971966 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.695991993 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.747987986 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773377895 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773483038 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773513079 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773582935 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773670912 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773706913 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.773794889 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.774058104 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.774116039 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775136948 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775172949 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775206089 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775332928 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775381088 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775439024 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775604963 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775639057 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.775774956 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777605057 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777637959 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777671099 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777702093 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777966022 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.777998924 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.778031111 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.778073072 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.778165102 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780107975 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780141115 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780174971 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780240059 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780422926 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780458927 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.780536890 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782612085 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782622099 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782660007 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782692909 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782756090 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782789946 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782819033 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.782864094 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.783102989 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.832566023 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860069036 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860148907 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860160112 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860562086 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860574007 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860857964 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860901117 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860910892 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.860922098 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861028910 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861301899 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861314058 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861324072 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861366034 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861779928 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861980915 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.861991882 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862039089 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862066031 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862256050 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862267017 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862319946 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862752914 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862765074 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862775087 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862786055 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862809896 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.862880945 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.863516092 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.863655090 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.863759041 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864144087 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864154100 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864195108 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864391088 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864402056 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864412069 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864907026 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864919901 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.864928961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.865115881 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.865127087 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.865353107 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.865362883 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.865917921 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.866086960 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.866971970 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867046118 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867057085 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867206097 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867397070 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867408037 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867417097 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867429018 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867456913 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867479086 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.867999077 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.868009090 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.868065119 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.868170977 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.868182898 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.868227959 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869395018 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869405985 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869452953 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869606972 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869618893 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869666100 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869777918 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869801044 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869812965 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.869847059 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870239019 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870347023 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870358944 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870441914 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870452881 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.870500088 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.946809053 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.946887016 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.946917057 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947057009 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947086096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947123051 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947235107 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947235107 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947385073 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947419882 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947453022 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947509050 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947822094 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947854996 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.947889090 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948288918 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948322058 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948357105 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948389053 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948421955 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948520899 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948869944 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948921919 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948934078 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.948954105 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949031115 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949134111 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949167967 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949486017 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949518919 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949552059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949579954 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949611902 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.949645996 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.950048923 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.950077057 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952017069 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952090979 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952168941 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952207088 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952357054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952389002 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952496052 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952528954 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952779055 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952812910 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952914000 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952946901 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.952981949 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953015089 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953352928 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953385115 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953418970 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953452110 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953500032 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953809023 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953896046 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.953969002 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954001904 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954113960 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954185963 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954202890 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954221010 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954235077 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954269886 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954297066 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954550982 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954579115 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954611063 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954617023 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954643965 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954662085 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954925060 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954958916 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954993010 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.954997063 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955028057 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955050945 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955275059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955342054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955374956 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955396891 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955408096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955441952 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955475092 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955509901 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955513000 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955538034 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.955595016 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956126928 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956160069 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956183910 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956192970 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956224918 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956244946 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956532955 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956625938 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956630945 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956655979 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956691027 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956722021 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956736088 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956814051 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.956996918 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957030058 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957062006 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957093954 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957127094 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957135916 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957160950 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957195044 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957202911 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957267046 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957695007 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957726955 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957760096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957792044 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957824945 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957858086 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.957900047 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958322048 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958354950 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958384037 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958388090 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958421946 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.958442926 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.018048048 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.024627924 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.024713993 CET4434996734.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.024902105 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.026467085 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.026504040 CET4434996734.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033797026 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033854961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033890963 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033915997 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033957005 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.033993959 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034141064 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034212112 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034245014 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034271955 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034277916 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034315109 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034349918 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034353971 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034439087 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034657001 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034706116 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034739971 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034771919 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034805059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034816027 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034837961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034872055 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034885883 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034907103 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.034991026 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035449028 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035481930 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035514116 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035536051 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035547018 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035579920 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035598040 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035612106 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035645008 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035671949 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035677910 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035712004 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035723925 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035744905 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.035815001 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036326885 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036442995 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036492109 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036497116 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036520958 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036556005 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036576033 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036588907 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036628008 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036638975 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036659956 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036709070 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036729097 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036742926 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036775112 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036807060 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036808968 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036839962 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036875010 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036906958 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.036937952 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037241936 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037275076 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037307978 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037342072 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037378073 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037405014 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037406921 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.037502050 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038708925 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038755894 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038790941 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038825035 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038840055 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038860083 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.038894892 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039074898 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039108038 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039141893 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039153099 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039175034 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039258003 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039305925 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039355040 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039387941 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039421082 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039593935 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039627075 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.039659977 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040127993 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040447950 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040479898 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040512085 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040513992 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040544987 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040571928 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040577888 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040656090 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040740967 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040771961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040806055 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040827036 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.040970087 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041002035 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041023970 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041034937 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041068077 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041132927 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041351080 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041383028 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041403055 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041415930 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041450977 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041484118 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041498899 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041516066 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041557074 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041568041 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041660070 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041661978 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041695118 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041745901 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.041783094 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.042893887 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.042937994 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.042996883 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043031931 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043064117 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043097973 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043128967 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043153048 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043209076 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043237925 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043248892 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043271065 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043304920 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043332100 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043353081 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043399096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043432951 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043466091 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043502092 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043534994 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043567896 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043570042 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043656111 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043713093 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043823004 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043855906 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043889046 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043911934 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043920994 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043953896 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043987989 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.043996096 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.044059038 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123356104 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123567104 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123601913 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123636961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123712063 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123737097 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123771906 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.123845100 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124023914 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124058008 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124092102 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124124050 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124156952 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124223948 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124469995 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124504089 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124546051 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124552965 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124587059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124643087 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124754906 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124788046 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124819994 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124852896 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124900103 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124933958 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.124964952 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125356913 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125390053 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125422001 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125422955 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125454903 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125488043 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125521898 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125546932 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125555038 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125586987 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125619888 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.125706911 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126188993 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126219988 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126251936 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126277924 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126297951 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126329899 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126358032 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126362085 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126389980 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126421928 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126422882 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126456022 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126488924 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126488924 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126522064 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126550913 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126553059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.126605034 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127146006 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127180099 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127212048 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127232075 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127243996 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127275944 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127295017 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127310038 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127346992 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127372980 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127377987 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127409935 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127424002 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127578020 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127605915 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127640963 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127657890 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127677917 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127723932 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127753973 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127785921 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127814054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127846956 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127880096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127928972 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127963066 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.127995968 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128027916 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128061056 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128093004 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128123999 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128617048 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128664970 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128695965 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128729105 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128761053 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128793955 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128825903 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.128859997 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129170895 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129203081 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129246950 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129281044 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129328966 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129362106 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129565001 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129596949 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129630089 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129662991 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129802942 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129863024 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129895926 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129926920 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129959106 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.129992008 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130023956 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130034924 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130057096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130065918 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130091906 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130192995 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130289078 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130320072 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130362988 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130368948 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130402088 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130433083 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130470991 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130543947 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130657911 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130701065 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130733013 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130753040 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130764961 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130793095 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130822897 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130834103 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130856037 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130883932 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130898952 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.130951881 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131028891 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131058931 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131091118 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131118059 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131149054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131179094 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131181002 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131208897 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131241083 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131274939 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131305933 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131357908 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131453991 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131649017 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131676912 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131707907 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131731987 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131741047 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131773949 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.131831884 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.493922949 CET4434996734.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.494052887 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.499486923 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.499535084 CET4434996734.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.499691963 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.499759912 CET4434996734.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.499888897 CET49967443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.502702951 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.507631063 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.599725962 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.604034901 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.608881950 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.650665045 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.700392962 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.751003981 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.145447016 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.337856054 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.600075006 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.604943037 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.715975046 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.720854998 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.343895912 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.514897108 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.524799109 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.524835110 CET4435002234.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.524900913 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.526382923 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.526401997 CET4435002234.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.607031107 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.612168074 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.729484081 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.735409021 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.986504078 CET4435002234.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.986587048 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.991010904 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.991024017 CET4435002234.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.991101980 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.991219997 CET4435002234.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.991297007 CET50022443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.993644953 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.998522997 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.090451002 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.099050999 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.104705095 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.146302938 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.209361076 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.262307882 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.150829077 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.150887012 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151329994 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151376009 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151499987 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151530027 CET4435002534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151689053 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151698112 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151844025 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151850939 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151863098 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.151905060 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.152833939 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.152879953 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.152905941 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.152905941 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.152996063 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153002977 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153003931 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153022051 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153204918 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153218031 CET4435002534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153384924 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153387070 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153398037 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153403044 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153491020 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153500080 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153592110 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.153611898 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.607450962 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.607547045 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.610898018 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.610908985 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.611171007 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.611721039 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.612097979 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.614444017 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.614465952 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.614727020 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.616122007 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.616290092 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.616306067 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.616312981 CET4435002734.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.616487026 CET50027443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617068052 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617110968 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617239952 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617775917 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617793083 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617933035 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.617995024 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618103981 CET4435002334.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618371964 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618418932 CET50023443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618421078 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618494987 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618657112 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.618668079 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.621332884 CET4435002534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.621484995 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.624509096 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.624542952 CET4435002534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.624764919 CET4435002534.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.626996994 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.626996994 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.627089977 CET50025443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.635154963 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.635668993 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.635951042 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.637654066 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.638771057 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.638778925 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.639028072 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.639723063 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.642167091 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.642170906 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.642187119 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.642446995 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.644392014 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.644397020 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.644727945 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.647072077 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.647159100 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.647289991 CET4435002434.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648160934 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648227930 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648622036 CET4435002834.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648760080 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648833990 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648960114 CET50024443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648969889 CET4435002634.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.648976088 CET50028443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.649241924 CET50026443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.659691095 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.664560080 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.757426977 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.787322044 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.792188883 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.812259912 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.883326054 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.927992105 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.158632994 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.158688068 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.160928011 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.160928965 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.161024094 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.161046982 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.164671898 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.164684057 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.164971113 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.167377949 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.167386055 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.167646885 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.170851946 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.170959949 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171015978 CET4435002934.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171137094 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171202898 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171344042 CET4435003034.120.208.123192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171447039 CET50030443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.171483040 CET50029443192.168.2.734.120.208.123
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.174276114 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.179126978 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.270863056 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.274144888 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.278974056 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.313580036 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.370100021 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.413789988 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:34.520231962 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:34.525490999 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.279336929 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.379453897 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.573399067 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.573463917 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:44.532634974 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:45.234638929 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.587192059 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.587379932 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.592164993 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.592248917 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:55.247704029 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:55.252669096 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.599692106 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.599699020 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.717480898 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.717497110 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.215073109 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.215117931 CET4435003134.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.216237068 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.217716932 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.217755079 CET4435003134.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.260989904 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.265767097 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.693866014 CET4435003134.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.694133997 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.700206995 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.700218916 CET4435003134.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.700321913 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.700407982 CET4435003134.107.243.93192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.700865984 CET50031443192.168.2.734.107.243.93
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.703145981 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.707916021 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.801188946 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.804817915 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.809708118 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.847201109 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.901051998 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.947480917 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.275304079 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.280051947 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.807959080 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.816843033 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.908269882 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.913283110 CET804976234.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.283114910 CET4996080192.168.2.72.22.61.56
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.288275957 CET80499602.22.61.56192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.822220087 CET4976380192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.827528000 CET804976334.107.221.82192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.922554970 CET4976280192.168.2.734.107.221.82
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.927608967 CET804976234.107.221.82192.168.2.7

                                                                                                                                                                                                                                                                                                                                                                                  UDP Packets

                                                                                                                                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.031203032 CET5202653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.040040970 CET53520261.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.057038069 CET6023653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.065407038 CET53602361.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.647087097 CET5670353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.652715921 CET5951353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.654133081 CET53567031.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.659601927 CET53595131.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.697612047 CET5628953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.704411030 CET53562891.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.705308914 CET5851353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.715401888 CET53585131.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.729814053 CET6531453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.734095097 CET6257453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.740102053 CET53653141.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.741700888 CET53625741.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.285258055 CET5999853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.294223070 CET53599981.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.296314001 CET5770253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.300964117 CET5294153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.304387093 CET53577021.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.307051897 CET5848953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.311026096 CET53529411.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.314455032 CET53584891.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.317061901 CET6165153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.326702118 CET53616511.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.332820892 CET6043853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.340749025 CET53604381.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.367883921 CET5500153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.368526936 CET5395553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.374819040 CET53550011.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.375063896 CET53539551.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.341622114 CET5859653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.348556995 CET53585961.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.782316923 CET5780453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.790425062 CET53578041.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.795840979 CET6509253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.799117088 CET5308353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.802793980 CET53650921.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.807358027 CET53530831.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.815922976 CET5252453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.824016094 CET53525241.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.825697899 CET4964453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.834172964 CET53496441.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.902339935 CET5285253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.909821987 CET53528521.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.914172888 CET5548853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.930850029 CET53554881.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.981287003 CET5414653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.989016056 CET53541461.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.038448095 CET6026053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.045743942 CET53602601.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.047022104 CET6441553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.054114103 CET53644151.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.055037975 CET5233753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.061789036 CET53523371.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.052422047 CET5577953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.060241938 CET53557791.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.070780993 CET6042953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.077642918 CET53604291.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.080532074 CET5790353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.087482929 CET53579031.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.183185101 CET6200853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.192085028 CET53620081.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.193593025 CET5151753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.205030918 CET53515171.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.078178883 CET5409453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740132093 CET53540941.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762974977 CET6262053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.770354986 CET53626201.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.771162987 CET6047253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.778068066 CET53604721.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.340457916 CET6391953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.341073036 CET6428553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.348433971 CET53642851.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.349447012 CET53639191.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776303053 CET5567153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776393890 CET6425653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776626110 CET5982053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783047915 CET53642561.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET53556711.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.784169912 CET53598201.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.790836096 CET4989353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.792248011 CET6175753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.792876959 CET5462153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.798440933 CET53498931.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.799360037 CET53617571.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET53546211.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.801263094 CET4990053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.801574945 CET5156753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.803145885 CET5707053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.809240103 CET53515671.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.810023069 CET6268053192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.811078072 CET53570701.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.812345028 CET6022553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET53626801.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.817683935 CET5822453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819158077 CET53602251.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819889069 CET5706653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.824208021 CET53499001.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.825509071 CET53582241.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.826965094 CET53570661.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.827088118 CET5472553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.827496052 CET5400353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.834532976 CET53540031.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.834582090 CET53547251.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.094047070 CET6447553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100894928 CET53644751.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.104049921 CET5817753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.108202934 CET6416953192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112107038 CET53581771.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112982988 CET5707653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.116252899 CET53641691.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.117831945 CET5942653192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.120281935 CET53570761.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.125624895 CET53594261.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.128488064 CET5539353192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.135729074 CET53553931.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.551577091 CET5818553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558382988 CET53581851.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.082936049 CET5801153192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.091099977 CET53580111.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.091626883 CET6341553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.099073887 CET53634151.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.024775982 CET5794253192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.032442093 CET53579421.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.511044979 CET5019453192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.519253016 CET53501941.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.524177074 CET6426853192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.531388044 CET53642681.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.150341988 CET5070553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.157367945 CET53507051.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.216013908 CET5661753192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.222790956 CET53566171.1.1.1192.168.2.7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.703491926 CET5730553192.168.2.71.1.1.1
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.710309982 CET53573051.1.1.1192.168.2.7

                                                                                                                                                                                                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.031203032 CET192.168.2.71.1.1.10xe24Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.057038069 CET192.168.2.71.1.1.10xe6cfStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.647087097 CET192.168.2.71.1.1.10xcdc6Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.652715921 CET192.168.2.71.1.1.10x12ceStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.697612047 CET192.168.2.71.1.1.10xb753Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.705308914 CET192.168.2.71.1.1.10x18e7Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.729814053 CET192.168.2.71.1.1.10x7886Standard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.734095097 CET192.168.2.71.1.1.10x59faStandard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.285258055 CET192.168.2.71.1.1.10xa3a3Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.296314001 CET192.168.2.71.1.1.10xb2cfStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.300964117 CET192.168.2.71.1.1.10xb4bdStandard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.307051897 CET192.168.2.71.1.1.10xbea1Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.317061901 CET192.168.2.71.1.1.10x82bfStandard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.332820892 CET192.168.2.71.1.1.10x407cStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.367883921 CET192.168.2.71.1.1.10x8f84Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.368526936 CET192.168.2.71.1.1.10xf0d6Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.341622114 CET192.168.2.71.1.1.10x3cf9Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.782316923 CET192.168.2.71.1.1.10xe79dStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.795840979 CET192.168.2.71.1.1.10xc941Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.799117088 CET192.168.2.71.1.1.10x9f04Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.815922976 CET192.168.2.71.1.1.10x74d3Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.825697899 CET192.168.2.71.1.1.10x9455Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.902339935 CET192.168.2.71.1.1.10x5493Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.914172888 CET192.168.2.71.1.1.10xd6f3Standard query (0)shavar.prod.mozaws.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.981287003 CET192.168.2.71.1.1.10x8f59Standard query (0)shavar.prod.mozaws.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.038448095 CET192.168.2.71.1.1.10x8289Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.047022104 CET192.168.2.71.1.1.10xd52bStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.055037975 CET192.168.2.71.1.1.10xa6aaStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.052422047 CET192.168.2.71.1.1.10xd33bStandard query (0)support.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.070780993 CET192.168.2.71.1.1.10x56b9Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.080532074 CET192.168.2.71.1.1.10xb57Standard query (0)us-west1.prod.sumo.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.183185101 CET192.168.2.71.1.1.10x270aStandard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.193593025 CET192.168.2.71.1.1.10x529cStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.078178883 CET192.168.2.71.1.1.10x2ab5Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.762974977 CET192.168.2.71.1.1.10x6c00Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.771162987 CET192.168.2.71.1.1.10x5b20Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.340457916 CET192.168.2.71.1.1.10x7393Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.341073036 CET192.168.2.71.1.1.10xabacStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776303053 CET192.168.2.71.1.1.10x2201Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776393890 CET192.168.2.71.1.1.10x829dStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.776626110 CET192.168.2.71.1.1.10x9dedStandard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.790836096 CET192.168.2.71.1.1.10x8413Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.792248011 CET192.168.2.71.1.1.10xd12bStandard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.792876959 CET192.168.2.71.1.1.10x8301Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.801263094 CET192.168.2.71.1.1.10x1c1dStandard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.801574945 CET192.168.2.71.1.1.10x7e83Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.803145885 CET192.168.2.71.1.1.10xa112Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.810023069 CET192.168.2.71.1.1.10xad43Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.812345028 CET192.168.2.71.1.1.10x74e7Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.817683935 CET192.168.2.71.1.1.10x9caStandard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819889069 CET192.168.2.71.1.1.10x33b2Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.827088118 CET192.168.2.71.1.1.10x9d7fStandard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.827496052 CET192.168.2.71.1.1.10x9021Standard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.094047070 CET192.168.2.71.1.1.10x7ac8Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.104049921 CET192.168.2.71.1.1.10x99faStandard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.108202934 CET192.168.2.71.1.1.10xbe41Standard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112982988 CET192.168.2.71.1.1.10x8126Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.117831945 CET192.168.2.71.1.1.10x2f79Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.128488064 CET192.168.2.71.1.1.10x76d8Standard query (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.551577091 CET192.168.2.71.1.1.10x997Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.082936049 CET192.168.2.71.1.1.10x5f23Standard query (0)a19.dscg10.akamai.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.091626883 CET192.168.2.71.1.1.10x2d5cStandard query (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.024775982 CET192.168.2.71.1.1.10xafa5Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.511044979 CET192.168.2.71.1.1.10x898aStandard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.524177074 CET192.168.2.71.1.1.10x88b3Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.150341988 CET192.168.2.71.1.1.10xf8e0Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.216013908 CET192.168.2.71.1.1.10xeaf9Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.703491926 CET192.168.2.71.1.1.10xc758Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:33.986521006 CET1.1.1.1192.168.2.70x5672No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.040040970 CET1.1.1.1192.168.2.70xe24No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.654133081 CET1.1.1.1192.168.2.70xcdc6No error (0)youtube.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.659601927 CET1.1.1.1192.168.2.70x12ceNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.659601927 CET1.1.1.1192.168.2.70x12ceNo error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.659601927 CET1.1.1.1192.168.2.70x12ceNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.704411030 CET1.1.1.1192.168.2.70xb753No error (0)youtube.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.715401888 CET1.1.1.1192.168.2.70x18e7No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.740102053 CET1.1.1.1192.168.2.70x7886No error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.741700888 CET1.1.1.1192.168.2.70x59faNo error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.294223070 CET1.1.1.1192.168.2.70xa3a3No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.304387093 CET1.1.1.1192.168.2.70xb2cfNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.311026096 CET1.1.1.1192.168.2.70xb4bdNo error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.311026096 CET1.1.1.1192.168.2.70xb4bdNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.325437069 CET1.1.1.1192.168.2.70x1f53No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.325437069 CET1.1.1.1192.168.2.70x1f53No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.326702118 CET1.1.1.1192.168.2.70x82bfNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.340749025 CET1.1.1.1192.168.2.70x407cNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.374819040 CET1.1.1.1192.168.2.70x8f84No error (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.348556995 CET1.1.1.1192.168.2.70x3cf9No error (0)example.org23.215.0.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.348556995 CET1.1.1.1192.168.2.70x3cf9No error (0)example.org23.215.0.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.348556995 CET1.1.1.1192.168.2.70x3cf9No error (0)example.org96.7.128.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.348556995 CET1.1.1.1192.168.2.70x3cf9No error (0)example.org96.7.128.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.790425062 CET1.1.1.1192.168.2.70xe79dNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.790425062 CET1.1.1.1192.168.2.70xe79dNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.802793980 CET1.1.1.1192.168.2.70xc941No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.802793980 CET1.1.1.1192.168.2.70xc941No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.802793980 CET1.1.1.1192.168.2.70xc941No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.807358027 CET1.1.1.1192.168.2.70x9f04No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.807358027 CET1.1.1.1192.168.2.70x9f04No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.807358027 CET1.1.1.1192.168.2.70x9f04No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.824016094 CET1.1.1.1192.168.2.70x74d3No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.834172964 CET1.1.1.1192.168.2.70x9455No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.909821987 CET1.1.1.1192.168.2.70x5493No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.909821987 CET1.1.1.1192.168.2.70x5493No error (0)shavar.prod.mozaws.net52.24.11.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.909821987 CET1.1.1.1192.168.2.70x5493No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.909821987 CET1.1.1.1192.168.2.70x5493No error (0)shavar.prod.mozaws.net34.209.7.244A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.930850029 CET1.1.1.1192.168.2.70xd6f3No error (0)shavar.prod.mozaws.net34.209.7.244A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.930850029 CET1.1.1.1192.168.2.70xd6f3No error (0)shavar.prod.mozaws.net34.208.172.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.930850029 CET1.1.1.1192.168.2.70xd6f3No error (0)shavar.prod.mozaws.net52.24.11.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.045743942 CET1.1.1.1192.168.2.70x8289No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.054114103 CET1.1.1.1192.168.2.70xd52bNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.060241938 CET1.1.1.1192.168.2.70xd33bNo error (0)support.mozilla.orgprod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.060241938 CET1.1.1.1192.168.2.70xd33bNo error (0)prod.sumo.prod.webservices.mozgcp.netus-west1.prod.sumo.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.060241938 CET1.1.1.1192.168.2.70xd33bNo error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.077642918 CET1.1.1.1192.168.2.70x56b9No error (0)us-west1.prod.sumo.prod.webservices.mozgcp.net34.149.128.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.181019068 CET1.1.1.1192.168.2.70x5c2cNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.192085028 CET1.1.1.1192.168.2.70x270aNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740120888 CET1.1.1.1192.168.2.70xc032No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740120888 CET1.1.1.1192.168.2.70xc032No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740132093 CET1.1.1.1192.168.2.70x2ab5No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740132093 CET1.1.1.1192.168.2.70x2ab5No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.740144968 CET1.1.1.1192.168.2.70x9c2fNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.770354986 CET1.1.1.1192.168.2.70x6c00No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783047915 CET1.1.1.1192.168.2.70x829dNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783047915 CET1.1.1.1192.168.2.70x829dNo error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.783358097 CET1.1.1.1192.168.2.70x2201No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.784169912 CET1.1.1.1192.168.2.70x9dedNo error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.784169912 CET1.1.1.1192.168.2.70x9dedNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.798440933 CET1.1.1.1192.168.2.70x8413No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.799360037 CET1.1.1.1192.168.2.70xd12bNo error (0)star-mini.c10r.facebook.com157.240.252.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com216.58.212.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.800312042 CET1.1.1.1192.168.2.70x8301No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.809240103 CET1.1.1.1192.168.2.70x7e83No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.811078072 CET1.1.1.1192.168.2.70xa112No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.811078072 CET1.1.1.1192.168.2.70xa112No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.811078072 CET1.1.1.1192.168.2.70xa112No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.811078072 CET1.1.1.1192.168.2.70xa112No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET1.1.1.1192.168.2.70xad43No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET1.1.1.1192.168.2.70xad43No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET1.1.1.1192.168.2.70xad43No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET1.1.1.1192.168.2.70xad43No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.816941023 CET1.1.1.1192.168.2.70xad43No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819158077 CET1.1.1.1192.168.2.70x74e7No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819158077 CET1.1.1.1192.168.2.70x74e7No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819158077 CET1.1.1.1192.168.2.70x74e7No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.819158077 CET1.1.1.1192.168.2.70x74e7No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.824208021 CET1.1.1.1192.168.2.70x1c1dNo error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.825509071 CET1.1.1.1192.168.2.70x9caNo error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.825509071 CET1.1.1.1192.168.2.70x9caNo error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.825509071 CET1.1.1.1192.168.2.70x9caNo error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.825509071 CET1.1.1.1192.168.2.70x9caNo error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.826965094 CET1.1.1.1192.168.2.70x33b2No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100894928 CET1.1.1.1192.168.2.70x7ac8No error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100894928 CET1.1.1.1192.168.2.70x7ac8No error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100894928 CET1.1.1.1192.168.2.70x7ac8No error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.100894928 CET1.1.1.1192.168.2.70x7ac8No error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112107038 CET1.1.1.1192.168.2.70x99faNo error (0)services.addons.mozilla.org151.101.65.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112107038 CET1.1.1.1192.168.2.70x99faNo error (0)services.addons.mozilla.org151.101.129.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112107038 CET1.1.1.1192.168.2.70x99faNo error (0)services.addons.mozilla.org151.101.193.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.112107038 CET1.1.1.1192.168.2.70x99faNo error (0)services.addons.mozilla.org151.101.1.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.116252899 CET1.1.1.1192.168.2.70xbe41No error (0)normandy.cdn.mozilla.netnormandy.tombstone.experimenter.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.116252899 CET1.1.1.1192.168.2.70xbe41No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.120281935 CET1.1.1.1192.168.2.70x8126No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.120281935 CET1.1.1.1192.168.2.70x8126No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.120281935 CET1.1.1.1192.168.2.70x8126No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.120281935 CET1.1.1.1192.168.2.70x8126No error (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.125624895 CET1.1.1.1192.168.2.70x2f79No error (0)normandy.tombstone.experimenter.prod.webservices.mozgcp.net34.49.51.44A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558382988 CET1.1.1.1192.168.2.70x997No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558382988 CET1.1.1.1192.168.2.70x997No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.558382988 CET1.1.1.1192.168.2.70x997No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.081774950 CET1.1.1.1192.168.2.70xadc7No error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.081774950 CET1.1.1.1192.168.2.70xadc7No error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.081774950 CET1.1.1.1192.168.2.70xadc7No error (0)a17.rackcdn.com.mdc.edgesuite.neta19.dscg10.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.081774950 CET1.1.1.1192.168.2.70xadc7No error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.081774950 CET1.1.1.1192.168.2.70xadc7No error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.091099977 CET1.1.1.1192.168.2.70x5f23No error (0)a19.dscg10.akamai.net2.22.61.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.091099977 CET1.1.1.1192.168.2.70x5f23No error (0)a19.dscg10.akamai.net2.22.61.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.099073887 CET1.1.1.1192.168.2.70x2d5cNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.099073887 CET1.1.1.1192.168.2.70x2d5cNo error (0)a19.dscg10.akamai.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.519253016 CET1.1.1.1192.168.2.70x898aNo error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.149223089 CET1.1.1.1192.168.2.70x21baNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.710309982 CET1.1.1.1192.168.2.70xc758No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.710309982 CET1.1.1.1192.168.2.70xc758No error (0)detectportal.prod.mozaws.netprod.detectportal.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.710309982 CET1.1.1.1192.168.2.70xc758No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                                                                  • detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  • ciscobinary.openh264.org

                                                                                                                                                                                                                                                                                                                                                                                  HTTP Packets

                                                                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                  0192.168.2.74974434.107.221.82807844C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:34.989343882 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:35.434055090 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76729
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                  1192.168.2.74976234.107.221.82807844C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.824291945 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.294361115 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30680
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.017277002 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.114121914 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30681
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.020637035 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.119256973 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30684
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.769840956 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.867979050 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30684
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.039206028 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:46.135288000 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30689
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.906286001 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.002512932 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30691
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.731328011 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.827532053 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30692
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.009108067 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.111499071 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30695
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.398999929 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:53.496128082 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30696
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.796430111 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.893378019 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30697
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.912549019 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.012738943 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30697
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.377388000 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.475586891 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30698
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.048409939 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.150024891 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30699
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.653388023 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.750340939 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30705
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.169425964 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.265480042 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30706
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.604034901 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.700392962 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30707
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.715975046 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.729484081 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.099050999 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.209361076 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30728
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.787322044 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.883326054 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30734
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.158632994 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30734
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.274144888 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.370100021 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30735
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.379453897 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.587379932 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.599699020 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.804817915 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.901051998 CET216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 07:59:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 30768
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.908269882 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.922554970 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                  2192.168.2.74976334.107.221.82807844C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:36.872281075 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:37.328309059 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76731
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.037837982 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:38.135735035 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76732
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.354355097 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:41.451189995 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76735
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.482515097 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:45.580909014 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76739
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:47.853065014 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.169250965 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:48.827354908 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76742
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.435645103 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:49.535172939 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76743
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.192009926 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:50.289962053 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76744
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.306617022 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:52.403625011 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76746
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.001811028 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.113054037 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76748
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.804220915 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:54.904990911 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76748
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.277354002 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.373888969 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76749
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:55.946865082 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:30:56.044735909 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76749
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.551495075 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:02.649167061 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76756
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.068757057 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.166100979 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76757
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.502702951 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:04.599725962 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76758
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:14.600075006 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.607031107 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:24.993644953 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:25.090451002 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76779
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.659691095 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:31.757426977 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76785
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.174276114 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:32.270863056 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76786
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:42.279336929 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:52.587192059 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:02.599692106 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.703145981 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:05.801188946 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                                                  Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                  Date: Fri, 14 Feb 2025 19:11:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Age: 76819
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:15.807959080 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:32:25.822220087 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii:


                                                                                                                                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                  3192.168.2.7499602.22.61.56807844C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.087754965 CET305OUTGET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                  Host: ciscobinary.openh264.org
                                                                                                                                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686630011 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                  Last-Modified: Fri, 07 Feb 2025 06:55:57 GMT
                                                                                                                                                                                                                                                                                                                                                                                  ETag: 85430baed3398695717b0263807cf97c
                                                                                                                                                                                                                                                                                                                                                                                  Content-Length: 453023
                                                                                                                                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                  X-Timestamp: 1738911356.44453
                                                                                                                                                                                                                                                                                                                                                                                  Content-Type: application/zip
                                                                                                                                                                                                                                                                                                                                                                                  X-Trans-Id: txf36a3cdb14a04fca91417-0067a71e89dfw1
                                                                                                                                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=246080
                                                                                                                                                                                                                                                                                                                                                                                  Expires: Tue, 18 Feb 2025 12:52:23 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Date: Sat, 15 Feb 2025 16:31:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                  Data Raw: 50 4b 03 04 14 00 00 00 08 00 cd 8d 62 4e d0 b9 df e8 52 e8 06 00 d0 97 0f 00 0f 00 00 00 67 6d 70 6f 70 65 6e 68 32 36 34 2e 64 6c 6c ec bd 0b 7c 14 45 b6 30 de 3d 99 84 49 98 a4 07 8c 18 31 c2 e8 ce ea 34 66 31 71 e3 9a 60 d4 e9 d0 93 f4 e0 04 c2 d3 80 88 71 a3 b9 a0 08 11 27 2b b8 10 08 93 68 2a 6d 7b d9 bb 7a d7 dd 6f 5f ff 7b 77 ef dd e7 c5 bd ee f2 d0 95 cc 24 92 07 28 24 41 21 c0 8a 11 7c 4c 18 81 00 42 26 41 32 ff 73 aa 7b 9e 04 44 64 f7 ff dd ff f7 f1 63 d2 55 d5 55 e7 d4 39 75 ce a9 53 a7 aa bb 4b 16 6c 60 12 18 86 d1 c3 2f 18 64 98 2d 8c fa cf c6 7c f9 bf 00 fc d2 26 be 9e c6 fc 39 f9 9d 9b b6 b0 ce 77 6e 9a b3 78 c9 d3 e6 aa 15 cb ff 69 c5 23 4f 9a 2b 1e 59 b6 6c b9 cb fc dd c7 cc 2b aa 97 99 97 2c 33 8b 33 66 9b 9f 5c fe e8 63 93 53 53 53 2c 1a 8c e9 d2 cf b7 a4 f0 fd fe d0 ef b1 92 cf 8f 4e a4 d7 d3 47 47 d1 eb 99 a3 ff 46 af 27 8f 26 d3 3a 27 fd 4b e0 5a 26 9c 3e 9a 40 af 67 8e de 4d af 9f 1f 4d d7 60 fc 13 fc 2a 84 fe a3 a3 e9 f5 14 bd ce 5a 52 b1 18 ef 85 fa 5e 6a 67 98 47 9f 4b 62 [TRUNCATED]
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: PKbNRgmpopenh264.dll|E0=I14f1q`q'+h*m{zo_{w$($A!|LB&A2s{DdcUU9uSKl`/d-|&9wnxi#O+Yl+,33f\cSSS,NGGF'&:'KZ&>@gMM`*ZR^jgGKbo~va<Z1.#OeDXi$imBWQ&P,M,:c-\*-iKI4a6*Ov=WFCH>a'x#@fdu1OV1o}g5_3JHiZipM.bZ%GF/3qJo%gN*})3N%!q*^Im~6#~+AI]rx*<IYjp0`SM@Ef=;!@EE 0nJdduM-qIlRz=}rDXLZx$|c1cUkM&Qn]a]th*!6 7JdDvKJ"Wgd*%nwJniinmr@M$'Zs#)%
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686692953 CET224INData Raw: bd c1 52 73 bd a7 3a 09 68 e9 f5 eb 80 14 52 9c 01 ad ef 5c 1f 81 74 b2 36 16 12 27 91 67 cc 95 dc 09 0f a4 8b f3 f0 8f 55 6a 2b 46 bd 63 72 3a 7c 07 a7 21 9f 8a 4b e1 57 c6 59 13 b3 a0 31 37 a6 b8 aa ad b8 02 2c f5 8a b6 e2 72 f1 b1 8a e5 ad c5
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: Rs:hR\t6'gUj+Fcr:|!KWY17,r>N3RY_\IrDNJdM k&V-z%-Di&672T)>0%&;`Zc,)T;jI~yRr&=V4C|-h(*
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686722994 CET1236INData Raw: 06 64 49 55 6b 71 39 03 cc 5b bd 1e c5 ad 18 08 99 01 64 76 b8 80 d1 6c b0 34 03 07 d7 8c dd f7 4d 74 62 ff 2e 6f 7c 6f 8f 1a 95 27 9e bb e8 f8 4a 19 5f 3a be 0f d5 47 20 8d a9 bf c4 f8 5a db 8a f3 10 2c a6 a1 43 c5 a5 da 30 7f 2e d1 61 2e 83 5f
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: dIUkq9[dvl4Mtb.o|o'J_:G Z,C0.a._9}-mOy9sC0/a?wJWxekb!.b-iE,.rtRbEc>2`<)mD+< A*Py(L"InI%eHL`
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.686944008 CET224INData Raw: 27 82 06 a5 3a a8 f8 40 7f 56 1a a4 36 9b ea 9c 12 f0 c4 14 c9 e4 fb 0b b5 66 76 ec 61 29 f5 e2 47 90 5f 10 ca c7 4b a1 17 fd be 3d 67 54 13 97 1d bf 1a 0a f9 3b 73 43 1e cf 2b b1 1e 8f 09 c9 29 21 bb 1c e4 3d 07 d9 ed bb 3d 91 96 1a 54 f3 5a 42
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: ':@V6fva)G_K=gT;sC+)!==TZB6}jC3NZtSnp$KUl'}U IN~\+PU^Kt:u*;I/l`%s^9pD<No|&zc%Z}n
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688453913 CET1236INData Raw: 65 e2 0d ce 32 21 19 aa db 2d d7 98 d0 d6 7e 3b ca d6 1a a8 31 35 44 db da 9b c0 63 78 25 ec 31 3c a4 ce da e1 9a 60 76 3f 50 67 39 d5 2d 33 f9 3b a3 fc 87 b9 21 0f 42 0a 7b 10 2a 72 31 84 fc a6 4b 22 af ce f4 a7 46 a3 4a 8d 41 85 e3 2f c5 74 2b
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: e2!-~;15Dcx%1<`v?Pg9-3;!B{*r1K"FJA/t+j72~coyFG1lARYJoiwDJ+ujuDHYl(deTeIzG`TNjhb[NjHT$S.v*Rh(5;|3ph{v::
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688488960 CET1236INData Raw: 7f b5 c6 f8 af a3 3f bd 4a fe eb 73 89 97 f6 df 2a 13 43 f4 c5 5a 8a 72 8e 77 c1 3a 1f dd fd 44 dd e9 b4 48 8c b5 02 56 b1 09 ab 0c 8d f3 4b 9d f2 23 12 67 7a 2a cf 29 2f 31 01 cd d9 52 38 38 29 cf b4 3a 15 97 c5 86 fb 02 67 3e 87 79 53 9e 67 6e
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: ?Js*CZrw:DHVK#gz*)/1R88):g>ySgnX-P16E)XA!^8>9"Z[Q&%>+xFz^XCWr_-j&(CFSHy+IOJ}Oqc$FZz+a yj$j'8+e
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.688523054 CET448INData Raw: 62 59 a1 3a 30 da 1f c7 46 38 f7 c6 ae b7 e7 c5 9f 5d a8 36 5f d5 9d 87 6c ad 47 1b 46 c6 e7 3b 33 98 32 52 3c 2a 7c ff bd 41 4d 6d c3 e7 1d cc 76 b2 cb 49 da 24 b2 93 ee 1d dc b1 15 a7 08 df 1f 0f a0 b9 ab d2 f6 0e 3e 2d d7 34 b2 0c b5 d2 2c 92
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: bY:0F8]6_lGF;32R<*|AMmvI$>-4,*kx@<w LP#a=5;byI bIj+pB1\X*%]"^\no%S<ov|2z_gOg/n}{6{ED$Y'1ZHBF
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690769911 CET1236INData Raw: 5d a9 21 56 d8 03 7a ff 68 27 e9 2b 01 43 fe 1e e8 be 9d f4 df af a4 af 13 dc ab df cd 66 6a 36 39 14 e3 bb 20 48 d9 0e 79 f5 bb 79 0e 79 ce bb b6 9c b3 95 1b e4 82 cd c8 cf 42 b6 60 1d f8 84 06 59 ff aa db f3 05 d1 49 f2 2a 83 54 a1 df cc b6 48
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: ]!Vzh'+Cfj69 HyyyB`YI*THl3*X)uugr#p<I0}UhQAg4o|B%[XG!\(r7KGfKWj4n&(\Lrb>/rsj|~j
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690881014 CET1236INData Raw: 0e 58 3d bd ec 65 3b 48 7b e8 78 63 24 de 92 1d 7e be 44 d6 a9 15 9b d7 6d ab c2 5d 24 ae 6e 3d fc 6d e8 52 b2 92 dd db 75 a2 fc a2 0b f7 d0 f2 df 71 99 c9 52 3c d7 9b 78 ff 2c b4 b8 6a 9c cf f7 c4 1f 92 19 f2 5f 58 45 4e 02 55 af 5e a0 41 71 cd
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: X=e;H{xc$~Dm]$n=mRuqR<x,j_XENU^Aq+95d>wszk*nfoj{>#_D]}$gzm"b]{5>I? aT=t*_sPQFM{_>6!kF&9U5D
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.690915108 CET448INData Raw: 8e 80 f1 d6 7f 38 46 eb 3f 1c 23 ff 8f c5 d8 58 38 5e ff 5a c1 75 dc f3 45 f8 0e 91 4d 9e 26 d6 b0 8e 91 b8 7f 6f e3 dc b9 f8 7a 11 3a 17 65 de e0 6e 61 b5 ee 2c 6c 8a cc 0d 47 e8 dc f0 f5 04 cb 7d 84 8d e9 d1 3f 18 23 41 f5 49 58 9d e6 3d a2 a3
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: 8F?#X8^ZuEM&oz:ena,lG}?#AIX=)lWhn)U1o+dw~`#z=W,3&7`kG)EdnjT3sTF?/0'^kuQD=8d^[Q*WdHhP7
                                                                                                                                                                                                                                                                                                                                                                                  Feb 15, 2025 17:31:03.693303108 CET1236INData Raw: 99 ab a9 73 7e 10 21 b3 7f 3f 98 f2 0a 83 52 f4 85 bb f5 bc aa 6a d7 51 ff 65 c7 5c 50 b5 82 5a 91 f4 f0 81 9a 55 64 d0 ef fc ca 7e cc f3 73 23 7e 8c 48 1d 19 ee c5 3a 8d db 47 a8 2d e9 db 05 d9 82 0d 5c dd 12 50 df 82 cf b9 ba 47 f0 9a c5 d5 cd
                                                                                                                                                                                                                                                                                                                                                                                  Data Ascii: s~!?RjQe\PZUd~s#~H:G-\PGk_H?ff)\{ZL$Ney?u2,qe|+WJx@W9h.k,s)]d{ q{;bl@,S/(^z1


                                                                                                                                                                                                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                                                                                                                                                                                                  CPU Usage

                                                                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                  Memory Usage

                                                                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                                                  Behavior

                                                                                                                                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:1
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:24
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Users\user\Desktop\random.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\Desktop\random.exe"
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x4b0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:970'752 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:BCA58035430238FDE9990DF16040D699
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:3
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:25
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0xdc0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:4
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:25
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:5
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0xdc0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:6
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:7
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0xdc0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:8
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:9
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0xdc0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:10
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:27
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:11
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:28
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0xdc0000
                                                                                                                                                                                                                                                                                                                                                                                  File size:74'240 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:12
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:28
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff75da10000
                                                                                                                                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:13
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:28
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:14
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:28
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:15
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:28
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:17
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:29
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2280 -parentBuildID 20230927232528 -prefsHandle 2212 -prefMapHandle 2192 -prefsLen 25302 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2eb8d58-80a5-43e1-9d87-68a417caddbb} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8deb70510 socket
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:19
                                                                                                                                                                                                                                                                                                                                                                                  Start time:11:30:32
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4364 -parentBuildID 20230927232528 -prefsHandle 3272 -prefMapHandle 1192 -prefsLen 26317 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6226335b-133b-4645-a31d-b8450eb35a66} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f0038810 rdd
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                                                                                  Target ID:21
                                                                                                                                                                                                                                                                                                                                                                                  Start time:12:31:00
                                                                                                                                                                                                                                                                                                                                                                                  Start date:15/02/2025
                                                                                                                                                                                                                                                                                                                                                                                  Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5516 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 3364 -prefMapHandle 3368 -prefsLen 33202 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7868ebf1-24a1-4c81-8237-efed4182eb8b} 7844 "\\.\pipe\gecko-crash-server-pipe.7844" 1c8f1b49710 utility
                                                                                                                                                                                                                                                                                                                                                                                  Imagebase:0x7ff722870000
                                                                                                                                                                                                                                                                                                                                                                                  File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                                                  MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                                                                                                                                                                                                  Reset < >